In Q4 of 2021 there was an all-time peak in weekly cyber-attacks per organization, counting over 900 attacks per organization
In 2021, there was a 50% increase in overall attacks per week on corporate networks compared to 2020
Education and Research was the most attacked sector
Less than a month after the world witnessed one of the most serious vulnerabilities on the internet, with millions of attacks per hour attempting to exploit the Log4J vulnerability, 2021 been a record breaking year in terms of cyber-security. Back in October, Check Point Research (CPR) reported a 40% increase in cyber-attacks globally, with 1 out of every 61 organizations worldwide impacted by ransomware each week.
Check Point Research (CPR) today reports that from mid-2020 throughout 2021, there has been an upwards trend in the number of cyber-attacks. This trend reached an all-time high at the end of the year, peaking to 925 cyber attacks a week per organization, globally.
Overall in 2021, researchers have seen 50% more attacks per week on corporate networks compared to 2020.
In 2021, education/research was the sector that experienced the highest volume of attacks, with an average of 1,605 attacks per organization every week. This was a 75% increase from 2020. This was followed by the government/military sector, which had 1,136 attacks per week (47% increase), and the communications industry which had 1,079 attacks weekly per organization (51% increase).
Africa experienced the highest volume of attacks in 2021, as can be seen in the visual below, with an average of 1,582 weekly attacks per organization. This represents a 13% increase from 2020.
This was followed by APAC, which has an average of 1,353 weekly attacks per organization (25% increase); Latin America, with 1,118 attacks weekly (38% increase); Europe, with 670 attacks weekly (68% increase); and North America, with an average of 503 weekly attacks per organization (61% increase).
Preventing the next cyber pandemic – A strategy for achieving better security
Prevent attacks before they happen – One of the biggest challenges facing security practitioners is Gen V attacks – the combination of a wide breadth of threats, large scale attacks and a broad attack surface. A security architecture that enables and facilitates a unified and cohesive protection infrastructure is going to provide more comprehensive and faster protection than an infrastructure comprised of pieces that don’t work together. This is the heart of what Check Point Infinity delivers – a security architecture to prevent attacks before they happen.
Secure your everything as everything is a potential target – To achieve effective coverage, organizations should seek a single solution that can cover all attack surfaces and vectors. One solution that provides broad prevention across all attack surfaces. In a multi hybrid environment, where the perimeter is now everywhere, security should be able to protect it all. Email, web browsing, servers and storage are merely the basics. Mobile apps, cloud and external storage are essential, so does compliance of connected mobile and endpoint devices, and your growing IoT device estate. Workloads, containers, and serverless applications on multi- and hybrid-cloud environments should be part of the check list at all times.
Maintain security hygiene
Patching: All too often, attacks penetrate networks by leveraging known vulnerabilities that have a patch that has not been applied. Organizations should strive to make sure up-to-date security patches are maintained across all systems and software.
Segmentation: Networks should be segmented, applying strong firewall and IPS safeguards between the network segments in order to contain infections from propagating across the entire network.
Educate Employees to Recognize Potential Threats: Quite often, user awareness can prevent an attack before it occurs. Take the time to educate your users and ensure that if they see something unusual, they report it to your security teams immediately. User education has always been a key element in avoiding malware infections.
Implementing the most advanced security technologies: There is not a single silver-bullet technology that can protect organizations from all threats and all threat vectors. However, there are many great technologies and ideas available – machine learning, sandboxing, anomaly detection, content disarmament, and numerous more. Each of these technologies can be highly effective in specific scenarios, covering specific file types or attack vectors. Two key components to consider are threat extraction (file sanitization) and threat emulation (advanced sandboxing). Each element provides distinct protection, that when used together, offer a comprehensive solution for protection against unknown malware at the network level and directly on endpoint devices.
The statistics and data used in this report present data detected by Check Point’s Threat Prevention technologies, stored and analyzed in ThreatCloud. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. ThreatCloud is actually the brain behind Check Point Software’s threat prevention power, combines big data threat intelligence with advanced AI technologies to provide accurate prevention to all Check Point Software customers.