{"id":4177,"date":"2023-01-12T08:06:48","date_gmt":"2023-01-12T08:06:48","guid":{"rendered":"\/cybersecurity-blog\/?p=4177"},"modified":"2023-03-29T12:04:33","modified_gmt":"2023-03-29T12:04:33","slug":"annual-report-2022","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/annual-report-2022\/","title":{"rendered":"Annual Report 2022"},"content":{"rendered":"\n

It’s tradition now to review the year and share all cybersecurity trends and ANY.RUN<\/a>‘s updates of the last year. Our team has prepared 2022\u2019s threat stats and hopes it helps you make your best decisions. 
<\/p>\n\n\n\n

For a moment, it looked like we were headed for a great year.
<\/p>\n\n\n\n

January began with a huge win against REvil, whose activity got squashed by an unprecedented international law enforcement operation. Was the world about to crack down on ransomware and finally deal the lethal blow?
<\/p>\n\n\n\n

Unfortunately \u2014 no. One way or another, ransomware was<\/em> in the spotlight this year. Only, not in the way we would have liked. 
<\/p>\n\n\n\n

A new player called Conti quickly filled the void left by REvil. The audacious gang almost caused a nation-wide economic collapse in Costa Rica by temporarily driving the country\u2019s international trade into a standstill. Looks like this battle will continue in 2023.<\/p>\n\n\n\n

https:\/\/twitter.com\/BleepinComputer\/status\/1550123586081288192<\/a><\/p>\n\n\n\n

This year was, once again, a record-breaker. And not in a good way. But it\u2019s not all doom and gloom, though. New cybersecurity tools are coming in the clutch to assist security professionals and ANY.RUN is continuing to make threat analysis simpler and easier than ever before. 
<\/p>\n\n\n\n

Let\u2019s dive straight into the malware trends of the outgoing year and recount how far we\u2019ve come in our annual report.
<\/p>\n\n\n\n

Cybersecurity 2022 review <\/h2>\n\n\n\n
    \n
  1. Ransomware is still a huge threat. An unprecedented attack against the government of Costa Rica halted the country\u2019s export and import early in the year. The economy was paralyzed and a state of emergency was declared. Ransomware can cripple countries, then. This malware type has also undergone a Cambrian explosion, with over 21 000 variants appearing<\/a> in the wild. Keep your eyes on Lock-Bit, Play, HIVE, Royal and Donut. <\/li>\n<\/ol>\n\n\n\n
      \n
    1. Data breaches were on the rise, too. A hacking group called Lapsus$ entered the stage in December 2021 and immediately began wreaking havoc. One after another, they breached Nvidia, Samsung, Ubisoft, and then Bing. In an unrelated incident, Twitter got hacked thanks to a zero-day vulnerability. The security oversight caused<\/a> a leak that revealed the confidential data of 5.4 million users.<\/li>\n<\/ol>\n\n\n\n
        \n
      1. DDoS attacks are at a historical all-time high. This year\u2019s unstable geopolitical landscape nourished state-sponsored hacktivists, who, having decided that the existing tools are not enough, began working on new botnets. As a result, attacks over 1 Tbp\/s are now common, and their duration is increasing alarmingly fast. Of course, hackers were quick to jump on the wagon. They began incorporating DDoS into multi-vector attacks as a smokescreen to throw off security teams.<\/li>\n<\/ol>\n\n\n\n
          \n
        1. Digital supply chains are growing in scale and complexity. Enterprises rely increasingly on third-party solutions, whose cybersecurity they can\u2019t control. Open-source libraries, use of trusted software, and post-pandemic security ease off: these are all factors that expose enterprises to supply chain attacks.<\/li>\n<\/ol>\n\n\n\n
            \n
          1. Cyber attacks are getting more press coverage, and many companies are finally getting serious about security. But lack of funding and understaffing remains an acute issue with many teams complaining that there are simply not enough hands on deck to respond to incidents effectively. <\/li>\n<\/ol>\n\n\n\n
              \n
            1. To counterbalance the shortage of trained personnel, companies are beginning to adapt managed services. And thanks to online sandboxes, identification and analysis are now faster than it\u2019s ever been.<\/li>\n<\/ol>\n\n\n\n

              Malware 2022 review <\/h2>\n\n\n\n

              There were 2.8 billion malware attacks<\/a> in the first half of 2022. While the data that covers the whole year is not available yet, this is in line with what we saw in 2021.
              <\/p>\n\n\n\n

              ANY.RUN <\/a>can also share with you some numbers. Redline dominated ANY.RUN\u2019s upload chart, and Emotet was not far behind, helping to spread other variants.
              <\/p>\n\n\n\n

              \"\"\/<\/figure>\n\n\n\n

              <\/p>\n\n\n\n

              This year our users uploaded and analyzed 2.7 million samples on the service, with almost 500k task increase over 2021. A huge thank you for the continued support! 
              <\/p>\n\n\n\n

              As the infographic below shows, 60% of them were, in fact, trojans: 
              <\/p>\n\n\n\n

              \"\"\/<\/figure>\n\n\n\n

              ANY.RUN in 2022<\/h2>\n\n\n\n

              The big picture: this year, we automated malware configuration extraction (yeah), made the startup time imperceptibly quick, and released a new view that shows every detail of a process under a magnifying glass. 
              <\/p>\n\n\n\n

              We’ve also released an improved team management feature for big enterprises and made countless user-experience improvements. 
              <\/p>\n\n\n\n

              Here are the major things: 
              <\/p>\n\n\n\n

               ANY.RUN is now 10 times as fast <\/strong><\/h3>\n\n\n\n

              It\u2019s a given that startup speed is crucial for a sandbox. After all, In incident response every second matters. Our service has always performed exceptionally well in this regard, with the delay between uploading the sample and launching the analysis only around 18 seconds. A result that was already ahead of most interactive sandboxes, leaving automated ones firmly in the dust. 
              <\/p>\n\n\n\n

              But that wasn\u2019t enough.
              <\/p>\n\n\n\n

              So this year, we improved it by another 10 times with the Instant access technology. Which means that a sample runs immediately and is ready for analysis. Get both: the first results in a flash and stable usage for your research.<\/p>\n\n\n\n


              <\/strong>Improved analysis: more details and higher accuracy<\/strong>
              <\/h3>\n\n\n\n