Check Point Research Reports a 38% Increase in 2022 Global Cyberattacks
Check Point Research (CPR) releases new data on 2022 cyberattack trends. The data is segmented by global volume, industry and geography. Global cyberattacks increased by 38% in 2022, compared to 2021. These cyberattack numbers were driven by smaller, more agile hacker and ransomware gangs, who focused on exploiting collaboration tools used in work-from-home environments, targeting of education institutions that shifted to e-learning post COVID-19. This increase in global cyberattacks also stems from hacker interest in healthcare organizations, which saw the largest increase in cyberattacks in 2022, when compared to all other industries. CPR warns that the maturity of AI technology, such as CHATGPT, can accelerate the number of cyberattacks in 2023.
Source: Check Point Blog
Key Statistics:
- Global volume of cyberattacks reached an all-time high in Q4 with an average of 1168 weekly attacks per organization
- Top 3 most attacked industries in 2022 were Education/Research, Government and Healthcare
- Geography of Africa experienced the highest volume of attacks with 1875 weekly attacks per organization, followed by APAC with 1691 weekly attacks per organization
- North America (+52%), Latin America (+29%) and Europe (+26%) showed largest increases in cyberattacks in 2022, compared to 2021
- USA saw a 57% increase in overall cyberattacks in 2022, UK saw a 77% increase and Singapore saw a 26% increase
Looking back at cyberattacks for the healthcare sector in 2022, healthcare organizations in the US suffered an average of 1410 weekly cyberattacks per organization, which is 86% higher than the number we saw in 2021, with the healthcare sector ranking second out of all sectors for the most cyberattacks in the US.
Hackers like to target hospitals because they perceive them as short on cyber security resources with smaller hospitals particularly vulnerable, as they are underfunded and understaffed to handle a sophisticated cyberattack.
The healthcare sector is so lucrative to hackers as they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers with direct threats from ransomware gangs to patients, demanding payment under threats of having patient records released. Ransomware gangs also find the attention gained from attacking a hospital as an attractive plus-point for their notoriety.
To protect yourself, it is imperative to think about prevention first, not detection. There are several best practices and actions an organization can take to minimize their exposure to the next attack or breach, such as cyber security training, keeping patches up-to-date and implementing anti-ransomware technology.”
Cyber Safety Tips:
-
- Cyber Awareness Training: Frequent cybersecurity awareness training is crucial to protecting the organization against ransomware. This training should instruct employees to do the following:
- Not click on malicious links
- Never open unexpected or untrusted attachments
- Avoid revealing personal or sensitive data to phishers
- Verify software legitimacy before downloading it
- Never plug an unknown USB into their computer
- Use a VPN when connecting via untrusted or public Wi-Fi
- Up-to-Date Patches: Keeping computers and servers up-to-date and applying security patches, especially those labeled as critical, can help to limit an organization’s vulnerability to ransomware attacks.
- Keep your software updated. Ransomware attackers sometimes find an entry point within your apps and software, noting vulnerabilities and capitalizing on them. Fortunately, some developers are actively searching for new vulnerabilities and patching them out. If you want to make use of these patches, you need to have a patch management strategy in place—and you need to make sure all your team members are constantly up to date with the latest versions.
- Choose Prevention over detection: Many claim that attacks will happen, and there is no way to avoid them, and therefore the only thing left to do is to invest in technologies that detect the attack once it has already breached the network and mitigate the damage as soon as possible. This is not true. Not only can attacks be blocked, but they can be prevented, including zero-day attacks and unknown malware. With the right technologies in place, most attacks, even the most advanced ones, can be prevented without disrupting the normal business flow.
- Cyber Awareness Training: Frequent cybersecurity awareness training is crucial to protecting the organization against ransomware. This training should instruct employees to do the following:
0 Comments