- In 2021, cyber attacks Increased by 50% year over year globally and by 71% in the UAE
- Education and Research was the most attacked sector
Check Point Research (CPR) is sharing statistics of increases in cyber attacks on organizations in 2021. Last year, CPR saw a 71% increase in cyber attacks per week on corporate networks compared to 2020 in the UAE, and a 50 % increase worldwide. The trend of increasing cyber attacks reached an all-time high at the end of 2021 after revelations of the Log4J exploit, peaking to 925 cyber attacks a week per organization globally, and 408 weekly attacks on organizations in the UAE.
Less than a month after the world witnessed one of the most serious vulnerabilities on the internet, with millions of attacks per hour attempting to exploit the Log4J vulnerability, 2021 been a record breaking year in terms of cyber-security. Back in October, Check Point Research (CPR) reported a 40% increase in cyber-attacks globally, with 1 out of every 61 organizations worldwide impacted by ransomware each week.
In 2021, education/research was the sector that experienced the highest volume of attacks, with an average of 1,605 attacks per organization every week. This was a 75% increase from 2020. This was followed by the government/military sector, which had 1,136 attacks per week (47% increase), and the communications industry which had 1,079 attacks weekly per organization (51% increase).
Omer Dembinsky, Data Research Manager, at Check Point Software said, “Hackers keep innovating. Last year, we saw a staggering increase in cyber attacks per week on corporate networks compared to 2020. The number of cyber attacks peaked towards the end of the year, largely due to the Log4J vulnerability exploit attempts. New penetration techniques and evasion methods have made it much easier for hackers to execute malicious intentions. What’s most alarming is that we’re seeing some pivotal societal industries surge into the most attacked list. Education, government and healthcare industries made it into the top 5 most attacked industries list, worldwide. I expect these numbers to increase going into 2022, as hackers will continue to innovate and find new methods to execute cyber attacks, especially ransomware. We’re in a cyber pandemic, if you will. I strongly urge the public, especially those in the education, government and healthcare sectors, to learn the basics on how to protect themselves. Simple measures such as patching, segmenting your networks and educating employees can go a long way in making the world safer.”
Preventing the next cyber pandemic – A strategy for achieving better security:
Prevent attacks before they happen - One of the biggest challenges facing security practitioners is Gen V attacks – the combination of a wide breadth of threats, large scale attacks and a broad attack surface. A security architecture that enables and facilitates a unified and cohesive protection infrastructure is going to provide more comprehensive and faster protection than an infrastructure comprised of pieces that don’t work together. This is the heart of what Check Point Infinity delivers – a security architecture to prevent attacks before they happen.
Secure your everything as everything is a potential target - To achieve effective coverage, organizations should seek a single solution that can cover all attack surfaces and vectors. One solution that provides broad prevention across all attack surfaces. In a multi hybrid environment, where the perimeter is now everywhere, security should be able to protect it all. Email, web browsing, servers and storage are merely the basics. Mobile apps, cloud and external storage are essential, so does compliance of connected mobile and endpoint devices, and your growing IoT device estate. Workloads, containers, and serverless applications on multi- and hybrid-cloud environments should be part of the check list at all times.
Maintain security hygiene:
Patching: All too often, attacks penetrate networks by leveraging known vulnerabilities that have a patch that has not been applied. Organizations should strive to make sure up-to-date security patches are maintained across all systems and software.
Segmentation: Networks should be segmented, applying strong firewall and IPS safeguards between the network segments in order to contain infections from propagating across the entire network.
Educate Employees to Recognize Potential Threats: Quite often, user awareness can prevent an attack before it occurs. Take the time to educate your users and ensure that if they see something unusual, they report it to your security teams immediately. User education has always been a key element in avoiding malware infections.
Implementing the most advanced security technologies: There is not a single silver-bullet technology that can protect organizations from all threats and all threat vectors. However, there are many great technologies and ideas available – machine learning, sandboxing, anomaly detection, content disarmament, and numerous more. Each of these technologies can be highly effective in specific scenarios, covering specific file types or attack vectors. Two key components to consider are threat extraction (file sanitization) and threat emulation (advanced sandboxing). Each element provides distinct protection, that when used together, offer a comprehensive solution for protection against unknown malware at the network level and directly on endpoint devices.
*The statistics and data used in this report present data detected by Check Point’s Threat Prevention technologies, stored and analyzed in ThreatCloud. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. ThreatCloud is actually the brain behind Check Point Software’s threat prevention power, combines big data threat intelligence with advanced AI technologies to provide accurate prevention to all Check Point Software customers.
© Press Release 2022
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.