Check Point Research (CPR) has released new data on the 2022 cyberattack trends. The data is segmented by global volume, industry, and geography. Global cyberattacks increased by 38% in 2022, compared to 2021. These cyberattack numbers were driven by smaller, more agile hacker and ransomware gangs who focused on exploiting collaboration tools used in work-from-home environments, and targeted education institutions that shifted to e-learning post COVID-19. This increase in global cyberattacks also stems from hacker interest in healthcare organisations, which saw the largest increase in cyberattacks in 2022, when compared to all other industries. CPR warns that the maturity of AI technology, such as CHATGPT, can accelerate the number of cyberattacks in 2023.
Check Point Research (CPR) has released new data on last year’s cyberattack trends. The data is segmented by global volume, industries, continents, and countries.
Key Statistics:
- The global volume of cyberattacks reached an all-time high in Q4 with an average of 1,168 weekly attacks per organisation.
- The top three most attacked industries in 2022 were Education/Research, Government, and Healthcare.
- Africa experienced the highest volume of attacks out of any geography with 1,875 weekly attacks per organisation, followed by APAC with 1,691 weekly attacks per organisation.
- North America (+52%), Latin America (+29%), and Europe (+26%) showed the largest increases in cyberattacks in 2022, compared to 2021.
- The US saw a 57% increase in overall cyberattacks in 2022. While the UK saw a 77% increase and Singapore experienced a 26% increase.
Quote: Omer Dembinsky, Data Group Manager at Check Point Software:
“Cyberattacks are increasing worldwide, with 38% more cyberattacks per week on corporate networks in 2022, compared to 2021. Several cyber threat trends are happening simultaneously.
For one, the ransomware ecosystem is continuing to evolve and grow with smaller, more agile criminal groups that have formed to evade law enforcement. Second, hackers are widening their aim to target business collaboration tools such as Slack, Teams, OneDrive, and Google Drive with phishing exploits. These make for a rich source of sensitive data given that most organisations’ employees continue to work remotely.
Third, academic institutions have become a popular feeding ground for cybercriminals following the rapid digitisation they undertook in response to the COVID-19 pandemic. In fact, the education/research sector was the number one most attacked industry globally, seeing a 43% increase in 2022 compared to 2021, with an average of 2,314 attacks per organisation every week. Many education institutions have been ill-prepared for the unexpected shift to online learning, creating ample opportunity for hackers to infiltrate networks through any means necessary. Schools and universities also have the unique challenge of dealing with children or young adults, many of whom use their own devices, work from shared locations, and often connect to public Wi-Fi without thinking of the security implications.
Looking back at cyberattacks for the healthcare sector in 2022, healthcare organisations in the US suffered an average of 1,410 weekly cyberattacks per organisation, which is 86% higher than the number we saw in 2021. Healthcare ranked second out of all sectors for the most cyberattacks in the US.
RELATED: Financial phishing cyberattacks significantly increase in Kenya and Nigeria in Q2 of 2022
Hackers like to target hospitals because they perceive them as short on cybersecurity resources. Smaller hospitals are particularly vulnerable as they are underfunded and understaffed to handle a sophisticated cyberattack.
The healthcare sector is lucrative to hackers as they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers with direct threats from ransomware gangs to patients, demanding payment under threats of having patient records released. Ransomware gangs also find the attention gained from attacking a hospital as an attractive plus-point for their notoriety.
Unfortunately, we expect the increase in cyberattack activity to increase. With AI technologies such as ChatGPT readily available to the public, it is possible for hackers to generate malicious code and emails at a faster, more automated pace.
To protect yourself, it is imperative to think about prevention first, not detection. There are several best practices and actions an organisation can take to minimise their exposure to the next attack or breach. These include cybersecurity training, keeping patches up-to-date, and implementing anti-ransomware technology.”
Cyber Safety Tips:
- Cyber Awareness Training: Frequent cybersecurity awareness training is crucial to protecting the organisation against ransomware. This training should instruct employees to do the following:
- Not click on malicious links.
- Never open unexpected or untrusted attachments.
- Avoid revealing personal or sensitive data to phishers.
- Verify software legitimacy before downloading it.
- Never plug an unknown USB into their computer.
- Use a VPN when connecting via untrusted or public Wi-Fi.
- Up-to-Date Patches: Keeping computers and servers up-to-date and applying security patches, especially those labelled as critical, can help to limit an organisation’s vulnerability to ransomware attacks.
- Keep your software updated. Ransomware attackers sometimes find an entry point within your apps and software, noting vulnerabilities and capitalising on them. Fortunately, some developers are actively searching for new vulnerabilities and patching them out. If you want to make use of these patches, you need to have a patch management strategy in place—and you need to make sure all your team members are constantly up to date with the latest versions.
- Choose Prevention over detection: Many claim that attacks will happen, and there is no way to avoid them, and therefore the only thing left to do is to invest in technologies that detect the attack once it has already breached the network and mitigate the damage as soon as possible. This is not true. Not only can attacks be blocked, but they can be prevented, including zero-day attacks and unknown malware. With the right technologies in place, most attacks, even the most advanced ones, can be prevented without disrupting the normal business flow.
COVER PHOTO: Oman Observer