Check Point Research (CPR) releases new data on Q2 2024 cyber attack trends. The data is segmented by global volume, industry and geography. These cyber attack numbers were driven by a variety of reasons, ranging from the continued increase in digital transformation and the growing sophistication of cybercriminals using advanced techniques like AI and machine learning. Economic motivation for income from attacks like ransomware and phishing as well as attacks fueled by geopolitical tensions and supply chain vulnerabilities continues to heavily impact this rise in the numbers.
This increase in global cyberattacks also stems from hacker interest in Education and Research, which saw the largest increase in cyber attacks in Q2 2024, when compared to all other industries. CPR warns that these factors can continue to accelerate the number of cyber attacks in 2024, driving the need for robust cyber security across all industries.
Key Statistics:
- In Q2 2024, Check Point Research saw a 30% YoY increase in cyber attacks globally, reaching 1,636 attacks per organization per week.
- Top 3 most attacked industries were Education/Research (3,341 attacks per week), Government/Military (2,084 attacks per week) and Healthcare (1,999 attacks per week).
- Latin America, (+53%), Africa (+37%), and Europe (+35%) showed the largest increases in cyber attacks in Q2 2024, compared YoY.
- Africa experienced the highest volume of attacks with 2,960 weekly attacks per organization, followed by Latin America with 2,667 weekly attacks per organization.
- North America accounted for 58% of publicly extorted ransomware attacks victims. The Manufacturing sector represented 29% of the published ransomware victims globally, marking a 56% year-over-year increase.
Cyber-attacks are increasing world-wide, with a 30% increase in weekly attacks on corporate networks in in Q2 2024 compared to Q2 2023, and a 25% rise compared to Q1 2024 . With an average of 1,636 attacks per organization per week, the relentless onslaught of attacks underscores the growing sophistication and persistence of threat actors. Several cyber threat trends are all happening at once.
For instance, the education and research industry has consistently been a prime target for cyber criminals due to its wealth of sensitive information and often inadequate cyber security measures made further complex by multiple groups of online users within and outside of the network expanding the attack vector surface. In fact, the education/research sector was the number one most attacked industry globally, seeing a 53% increase in Q2 2024 compared to Q2 2023, with an average of 3,341 attacks per organization every week.
Government/Military was the second most attacked sector with 2,084 attacks per week, reflecting the high stakes involved in state-level cyber espionage and disruption.
Looking back at cyber attacks for the Healthcare sector in Q2, healthcare organizations saw an average of 1,999 weekly attacks per organization, which was 15% higher than last year. Hackers like to target hospitals because they perceive them as short on cyber security resources with smaller hospitals particularly vulnerable, as they are underfunded and understaffed to handle a sophisticated cyber attack.
Ranking third out of all sectors for the most cyber attacks globally, healthcare is so lucrative to hackers because they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers.
Furthermore, the Hardware Vendor industry experienced largest increase in attacks, with a dramatic rise of 183%. This surge underscores the expanding target range of cyber criminals as they seek to exploit vulnerabilities across various sectors.
Regional Analysis of Cyber Attacks
Regionally, Africa experienced the highest average weekly cyber attacks per organization in Q2 2024, with an average of 2,960 attacks, marking a 37% increase compared to the same period in 2023. Latin America saw the most significant rise, with attacks increasing by 53% year-over-year to an average of 2,667 per week. The Asia-Pacific (APAC) region followed with a 23% increase, highlighting the global spread of cyber threats.
Region | Avg weekly attacks per org | YoY Change |
Africa | 2960 | +37% |
Latin America | 2667 | +53% |
APAC | 2510 | +23% |
Europe | 1367 | +35% |
North America | 1188 | +17% |
Ransomware Attacks per Region and Industry
In Q2 2024, ransomware attacks that involved public extortion were reported showing a 13% year-over-year increase, totaling approximately 1,200 incidents. North America was the hardest hit, comprising 58% of all reported ransomware attacks, despite a slight 3% decrease from the previous year. Europe experienced 19% of the incidents, marking a notable 28% decrease, while the APAC region saw the largest increase with a 38% surge, accounting for 16% of the attacks.
Region | Percent out of Published Ransomware Attacks | YoY Change in Number of Published Attacks |
North America | 58% | -3% |
Europe | 19% | -28% |
APAC | 16% | +38% |
Latin America | 6% | +1% |
Africa | 1% | -55% |
In terms of industry impact, the Manufacturing sector was the most affected, representing 29% of publicly extorted ransomware attacks’ victims globally, with a significant 56% year-over-year increase. The Healthcare sector followed, accounting for 11% of the attacks and experiencing a 27% increase. The Retail/Wholesale industry saw 9% of the attacks, with a notable 34% decrease from the previous year. Notably, the Communications and Utilities sectors experienced dramatic rises in ransomware incidents, with increases of 177% and 186%, respectively.
Industry | Percent out of Published Ransomware Attacks | YoY Change in Number of Published Attacks |
Manufacturing | 29% | +56% |
Healthcare | 11% | +27% |
Retail/Wholesale | 9% | -34% |
Finance/Banking | 7% | -8% |
Education/Research | 6% | -3% |
Software vendor | 6% | -57% |
Government/Military | 6% | +31% |
Transportation | 6% | +40% |
Insurance/Legal | 5% | -25% |
Communications | 5% | +177% |
Leisure/Hospitality | 3% | +0% |
Consultant | 2% | -76% |
Utilities | 2% | +186% |
Energy | 1% | -25% |
(*) This data draws from ransomware “shame sites” operated by double-extortion ransomware groups, which publicly disclose victim information. While these sources have inherent biases, they provide valuable insights into the ransomware landscape.
Tips for Prevention and Mitigation
Organizations must take proactive steps to safeguard their data and systems. Here are some strategies inspired by best practices from Check Point Software:
- Enhance Security Posture: Regularly update and patch systems to close vulnerabilities. Multi-layered security measures, including firewalls and endpoint protection, are essential.
- Employee Training and Awareness: Regular training sessions can educate employees about the latest cyber threats and phishing tactics, fostering a culture of vigilance.
- Advanced Threat Prevention: Utilize technologies such as sandboxing and anti-ransomware tools to detect and block sophisticated attacks.
- Adopt Zero Trust Architecture: Implement strict identity verification for every person and device attempting to access network resources.
- Regular Backups and Incident Response Planning: Ensure regular backups of critical data and develop comprehensive incident response plans to quickly address and mitigate the impact of attacks.
- Network Segmentation: Isolate critical systems to limit the spread of attacks and protect sensitive information.
- Vulnerability Management: Conduct regular vulnerability assessments and penetration testing, prioritizing remediation efforts based on potential impact.
The dramatic rise in cyber-attacks globally, particularly ransomware incidents, signals an urgent need for robust cyber security frameworks. Organizations must prioritize cyber security, adopting customized strategies to effectively combat the evolving threat landscape. By implementing advanced security measures, fostering a culture of awareness, and preparing for potential incidents, businesses can better defend against the relentless tide of cyber threats. The time to act is now, before the next wave of attacks strikes.