* Cyber-attacks against organizations worldwide increased by an average of 50% in 2021, compared to 2020.
* Education and Research was the most targeted sector, with organizations facing an average of 1,605 weekly attacks.
* Software vendors experienced the largest year-on-year growth, with an increase of 146%./li>
Overall in 2021, organizations experienced 50% more weekly cyber-attacks than in 2020. With the Education/Research sector's 1,605 weekly attacks taking the lead (75% increase). This was followed by Government/Military with 1,136 weekly attacks (47% increase) and Communications with 1,079 weekly attacks (51% increase). Software vendors experienced the largest year-on-year growth (146%) which goes hand-in-hand with the ever-increasing trend of software supply chain attacks observed in 2021. This last year has also seen evolving attacks on mobile devices, an increase in major cloud services vulnerabilities and the return of the notorious Emotet botnet.
Highlights from the 2022 Security Report include:
Supply chain attacks: the infamous
Cyber-attacks disrupting everyday life: 2021 saw a large number of attacks targeting critical infrastructure which led to huge disruption to individuals' day-to-day lives, and in some cases even threatened their sense of physical security.
Cloud services under attack: Cloud provider vulnerabilities became much more alarming in 2021 than they were previously. The vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content, and even cross between different environments.
Developments in the mobile landscape: Throughout the year, threat actors have increasingly used smishing (SMS phishing) for malware distribution and have invested substantial efforts in hacking social media accounts to obtain access to mobile devices. The continued digitization of the banking sector in 2021 led to the introduction of various apps designed to limit face-to-face interactions, and those, in turn, have led to the distribution of new threats.
Cracks in the ransomware ecosystem: Governments and law enforcement agencies changed their stance on organized ransomware groups in 2021, turning from preemptive and reactive measures to proactive offensive operations against the ransomware operators, their funds, and supporting infrastructure. The major shift happened following the
Return of Emotet: One of the most dangerous and infamous botnets in history, is back. Since Emotet's November return, CPR found the malware's activity to be at least 50% of the level seen in
"In a year that began with the fallout from one of the most devastating supply chain attacks in history, we've seen threat actors grow in confidence and sophistication," said
Maya continued: "But it's not all doom and gloom. We also saw cracks in the ransomware ecosystem widen in 2021, as governments and law enforcement agencies around the world resolved to take a tougher stance on ransomware groups in particular. Instead of relying on reactive and remedial action, some shocking events woke governments up to the fact that they needed to take a more proactive approach to deal with cyber risk. That same philosophy extends to businesses too, who can no longer afford to take a disjointed, siloed, reactionary approach to deal with threats. They need 360-degree visibility, real-time threat intelligence, and security infrastructure that can be mobilized in an effective, joined-up manner."
Cyber Attack Categories by Region in 2021
The 'Cyber Attack Trends: 2022 Security Report' gives a detailed overview of the cyber-threat landscape. These findings are based on data drawn from
Blog: https://research.checkpoint.com/
Twitter: https://twitter.com/_cpresearch_
About
.
(C) 2022 M2 COMMUNICATIONS, source