This year has been largely dominated by the Russia-Ukraine war, with major concerns about its impact on the global threat level. Just three days after the invasion of Ukraine, on February 27th, Check Point Research (CPR) noted a 196% increase in cyber-attacks on Ukraine’s government-military sector, and a 4% increase in cyber-attacks per organization in Russia.
It is not only war-related cyber activity that has seen a sharp rise over the last few months. It seems that hackers and attack groups have gained momentum and confidence, luring and attacking what seems to be endless targets around the globe. A few notable events are the LA Unified School District, the US’ second largest school district, which suffered “significant infrastructure disruption” in September. In Europe, Moody’s Investors Service cited that cyberattacks are accelerating across the continent, in a latest report. In Australia, Singtel-owned telecoms company Optus suffered one of the largest cyber breaches in the country’s history followed by data hacks on Medibank, Australia’s biggest health insurer. In October, Woolworths, one of Australia’s largest supermarket chains reported a data breach and, following on from the Optus attack, a second Australia-Based Singtel subsidiary, Dialog, an IT services consulting company, was also hacked.
Check Point Research (CPR) has found that global attacks increased by 28% in the third quarter of 2022 compared to the same period in 2021. The average weekly number of attacks per organization worldwide reached over 1,130. While there has been an increase this year, it has plateaued when compared to the sharp rise seen in 2021. This could be an indication of how enterprises and governments are addressing the risks by increasing investment in their cybersecurity strategies and putting a greater focus on finding and detaining hackers.
In a report published back in August 2022, CPR noted that the Education sector was experiencing more than double weekly attacks, compared to other industries. We have seen this trend continue, with the Education/Research sector facing an average of 2,148 attacks per organization every week in the third quarter this year, an increase of 18% compared to the third quarter last year.
Academic institutions have become a popular feeding ground for cybercriminals following the rapid digitization they undertook in response to the COVID-19 pandemic. Many were ill-prepared for the unexpected shift to online learning, which created ample opportunity for hackers to infiltrate networks through any means necessary. Schools and universities also have the unique challenge of dealing with children or young adults, many of which use their own devices, work from shared locations, and often connect to public WiFi without thinking of the security implications.
The second most attacked industry was Government/Military, with 1,564 average weekly attacks, marking a 20% increase from the same period last year. The Healthcare sector saw the largest change compared to last year, with 1,426 average attacks per week – a significant increase of 60% YoY.
As a region, Asia experienced the most cyberattacks in the third quarter of 2022, with an average of 1,778 weekly attacks per organization, which is an increase of 21% compared to the same period last year. The United Arab of Emirates (UAE) saw the largest individual growth with a 151% increase YoY.
Following reports of attacks on its telecom operators, health insurers and energy companies, the ANZ region has seen the highest increase in cyberattacks, a rise of 72% YoY.
In Check Point’s ‘Cyber Attack Trends: 2022 Mid-Year Report, our researches pointed to ransomware as the number one threat to organizations, stepping up to nation-state actor levels. Overall, the number of ransomware attacks has fallen worldwide by 8% compared with the third quarter of 2021. This could be due to a shift towards alternative attack methods such as botnets and hacktivism. However, ransomware continues to garner the most public attention and cause the greatest disruption.
The Healthcare sector was the most targeted industry in terms of ransomware in the third quarter of 2022, with one in 42 organizations impacted by ransomware, a 5% increase YoY. The second sector was ISP/MSP, where one in 43 organizations was impacted, a decrease of 25% YoY. This was followed by the Finance/Banking industry, where one out of every 49 organizations was affected by ransomware, indicating a 17% increase in the past year.
The Retail/Wholesale sector has seen the highest increase YoY of ransomware attacks, a 39% increase from the third quarter of 2021.
There are several best practices and actions a company can take to minimize their exposure to the next attack or breach. Prevention is possible:
The statistics and data used in this report present data detected by Check Point’s Threat Prevention technologies, stored and analyzed in ThreatCloud. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors worldwide, over networks, endpoints and mobiles. The intelligence is enriched with AI-based engines and exclusive research data from the Check Point Research (CPR) – The intelligence and research Arm of Check Point.
