Site icon Check Point Blog

Check Point Research: Weekly Cyber Attacks increased by 32% Year-Over-Year; 1 out of 40 organizations impacted by Ransomware

Highlights:

       ·  Average weekly attacks per organization worldwide reached a peak of 1.2K attacks, a 32% increase year-over-year

       ·  Education/ Research sector continues to be the most heavily attacked industry, seeing a 53% increase year-over-year

       ·  Globally, 1 out of 40 organizations were impacted by Ransomware attacks, a worrying 59% increase year-over-year

2022 began with a massive exploitation of one of the most serious vulnerabilities on the internet, theApache log4j, and continued with a full blown cyber warfare from the Russia-Ukraine war.
Today, Check Point Research (CPR) reports that the second quarter of 2022 saw an all-time peak, where global cyber-attacks increased by 32%, compared to Q2 2021. The average weekly attacks per organization worldwide reached a peak of 1.2K attacks.
The most attacked industry in Q2 2022 was the Education/Research sector, while Africa saw the highest volume of attacks peaking at 1.7K attacks on average per organization, and unprecedently, 1 out of 40 organizations worldwide was impacted by Ransomware, representing a 59% increase compared to numbers in the previous year.

Figure 1: Global Quarterly attacks from Q1 2021- Q2 2022

 

Education & Research is the most attacked sector

In terms of industries, cyber criminals seem to target most of their attacks on the education / research sector with an average of more than 2.3K attacks per organization every week. This represents an increase of 53% compared to Q2 2021.
Following this is the government/military sector that has seen 1.6k average weekly attacks, representing a rise of 44%, compared to the same period of time in the previous year. Subsequently followed by the ISP/MSP, healthcare and communication sectors, all seeing an average of 1.3K attacks per week, per organization, representing a substantial double digit increase year over year.

Figure 2: Global Average Weekly Attacks per Industry, percentage represents increase compared to Q2-2021

 

Ransomware at the center of attention

 

May 2022 marked the 5th anniversary of the infamous WannaCry attack, and it seems that Ransomware has completely changed the threat landscape, in that it has evolved to be a weapon in the hands of attack groups threatening governments. Check Point Research recently coined the term ‘country extortion’  after observing how ransomware expanded its business borders to now include the government sector.

In this report, CPR sees that globally, the weekly average of impacted organizations by Ransomware reached 1 out of 40 – a 59% increase YoY (1 out of 64 organizations in Q2 2021).

Latin America has seen the largest increase in attacks, spotting 1 out of 23 organizations impacted weekly, a 43% increase YoY, compared to 1 out of 33 in Q2 2021, followed by Asia region that has seen a 33% increase YoY, reaching 1 out of 17 organizations impacted weekly.

Ransomware attacks per industry:

Retailers and the wholesale sector saw the largest spike in ransomware attacks, with an alarming increase of 182%, compared to the same period last year, followed by the Distributors sector that saw a 143% increase and then, the government/military sector, reporting a staggering increase of 135%, reaching a ratio of 1 out of 24 organizations impacted by ransomware on weekly basis.

Industry Weekly Impacted Organizations YoY Change
Government/Military 1 out of 24 +135%
Education/Research 1 out of 30 +83%
Healthcare 1 out of 31 +47%
ISP/MSP 1 out of 37 +9%
Finance/Banking 1 out of 41 +42%
Communications 1 out of 46 +59%
SI/VAR/Distributor 1 out of 47 +143%
Manufacturing 1 out of 48 +60%
Retail/Wholesale 1 out of 53 +182%
Utilities 1 out of 59 +11%
Transportation 1 out of 70 +28%
Software vendor 1 out of 74 -34%
Leisure/Hospitality 1 out of 77 +24%
Hardware vendor 1 out of 78 +48%
Insurance/Legal 1 out of 81 +1%
Consultant 1 out of 87 -17%

Figure 3: Ratio & percentage of attacks per industry

Immediate measures can be undertaken by any organization or country to guard against ransomware attacks. From continuous data backups, reducing the attack surface to simple measures like constant up-to-date patching, implementing a cyber security action plan will help to reduce such ransomware attacks.

 Attacks per Region

Our researchers saw that Africa was the most attacked region in Q2 2022, peaking at 1.76k weekly attacks on average, per organization, a nominal increase of 3%, compared to the same period last year against the continent.
Following Africa, Latin America experienced astounding numbers of 1.60K on average, marking a 29% increase respectively, year–over-year.

Region Weekly Attacks
per Organization
YoY Change
Africa 1,758 +3%
Asia 1,684 +25%
Latin Americas 1,602 +29%
Europe 963 +26%
ANZ 937 +82%
North America 854 +54%

Figure 4: Attacks & percentage increase per region

The statistics and data used in this report present data detected by Check Point’s Threat Prevention technologies, stored and analyzed in ThreatCloud. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. The intelligence is enriched with AI-based engines and exclusive research data from the Check Point Research (CPR) – The intelligence & Research Arm of Check Point.

How To Prevent The Next Attack

Mega cyber-attacks like SolarWinds and Log4J were not inevitable. With the correct measures and technologies in place, many organizations could have avoided the impact and devastating effect of such attacks. In order to truly combat the next threats, organizations must take a proactive approach, using advanced technologies that can prevent even the most evasive zero- day attacks.

In other words, the next attack can be prevented if companies change their view on security, and follow a few guiding principles.

Choose Prevention over detection:

Traditional cybersecurity vendors often claim that attacks will happen, and there’s no way to avoid them, and therefore the only thing left to do is to invest in technologies that detect the attack once it has already breached the network, and mitigate the damages as soon as possible.

This is untrue. Not only can attacks be blocked, but they can be prevented, including zero-day attacks and unknown malware. With the right technologies in place, the majority of attacks, even the most advanced ones, can be prevented without disrupting the normal business flow.

Keep your threat intelligence up to date

Malware is constantly evolving, making threat intelligence an essential tool for almost every company to consider. When an organization has financial, personal, intellectual, or national assets, a more comprehensive approach to cybersecurity is the only way to protect against today’s attackers. And one of the most effective proactive security solutions available today is threat intelligence.

Implementing the most advanced technologies

Attack techniques are diverse and constantly evolving. IT systems are complex and there is no single silver-bullet technology that can protect from all threats and all threat vectors. However, there are many integrated and impactful technologies and ideas available such as: machine learning, sandboxing, anomaly detection, content disarmament, and numerous others that can help prevent the next cyber attack. Each of these technologies can be highly effective in specific scenarios, covering specific file types or attack vectors. Strong solutions integrate a wide range of technologies and innovations to effectively combat modern attacks in IT environments.

Maintain security hygiene

To prevent your organization from being the next victim of a cyber-attack, read Preventing the Next Cyber Attack

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Exit mobile version