Trellix Threat Labs Research Report: Cyberattacks Targeting Critical Infrastructure Rise Along with Geopolitical Tensions

By Trellix · April 27, 2022

The release of our Trellix Threat Labs Research Report: April 2022 examines cybercriminal behavior and activity related to cyber threats in the fourth quarter of 2021 and the first quarter of this year.

We’re at a critical junction in cybersecurity and observing increasingly hostile behavior across an ever-expanding attack surface. Our world has fundamentally changed. The fourth quarter signaled the shift out of a two-year pandemic which cybercriminals used for profit. International Law Enforcement acted against a notorious ransomware group, and we continued the cyber momentum in the new year where we’ve seen an escalation of international cyber activity. Our Q4 research also identified a multi-stage espionage attack on high-ranking government officials including a prime minister’s office and staff.

During the first quarter of 2022, the focus on threats shifted to campaigns weaponizing cyberthreats against Ukrainian infrastructure in the Eurasia region conflict including the newly identified HermeticWiper. And while writing this blog for the report, details became public around the Pipedream malware. A malware that has several capabilities to target devices, protocols, and platforms in critical industries. Cyber defenders must realize they need to focus on the tactics, techniques, and procedures of this toolkit and anticipate how they might detect and defend against future potential developments of this kind.

This threat report also offers research and analysis on additional relevant Q4 2021 threat topics including:

• Ransomware
• Nation-State Activity
• Prevalent Threat Statistics
• MITRE ATT&CK Techniques
• Most Targeted Sectors, Vectors, and Countries
• Living Off the Land Techniques

In addition to the findings of this report, don’t forget to use our Threat Center dashboard for updates and profiles of the most current prevalent threats and a knowledge base that includes targeted countries and sectors along with proactive solutions to help your enterprise stay ahead of emerging threats.

As always, we welcome your feedback on our latest threat report and to hear what you would like to see in the next report.