2022 has been a busy year for the information security industry on both sides of the playing field. We have seen an increase in target attacks on businesses, a larger number of Zero-Day vulnerabilities disclosed that were being actively exploited in the wild, several major companies had data stollen and leaked, and we cannot forget the threat actor war going on over the Russian Invasion of Ukraine. With all these items, law enforcement agencies have also been very busy with the seizure and shut down of two major “hacker” marketplaces, Hydra and RaidForums.

Life would not be the same without new popping up that one state level threat actor or another was attacking and compromising US defense contractors or other businesses linked to US national security and defense. The counties of origin for these actors become a blur over time, although you do see some highlighted depending on current political trends. The two most often bandied about are Russia and China with North Korea getting an honorable mention.

The Threat Landscape is an interesting topic of discussion. It is a constantly changing thing and even the best predictions can often fall short of the actual threat. This is because in most cases, the attackers are a step ahead of the defenders. They have the advantage, to coin a D&D phrase, they won the initiative roll. Defenders are always waiting to see what might happen, they plan without really knowing what the attackers are going to do which means they have to be secure everywhere (not really a possibility). To help them put their resources in the right places, most security teams rely on threat intelligence feeds and an understanding of the Threat Landscape.