It has been reported that global weekly cyber-attacks hit an all-time high in Q4 2021 of 925 attempts per organization, according to new data from Check Point. The security vendor analyzed information collected by hundreds of millions of global sensors from its Threat Prevention products across networks, endpoints and mobiles. It claimed attempted attacks have been continuously increasing since Q2 2020, with 50% more attacks seen per week on corporate networks in 2021 compared to 2020. The education and research sector experienced the highest volume of attacks during 2021, amounting to an average of 1605 per organization every week, a 75% increase on 2020. It was followed by government/military with 1136 attacks, up 47% year-on-year, and communications with 1079, up 51%.
<p>This information will not be a surprise to anyone in the cyber security world as this has been a continuing trend for some time. Bad actors are having more and more success in their attacks, with over 86% of surveyed organisations being affected by a successful cyberattack (CyberEdge Group 2021 Cyberthreat Defense Report). </p>
<p>Ransomware payments have increased, as has the security budgets of many organisations. However, even after the massive spend on security solutions and services over the last ten years, the battle against cyber criminals appears to be losing ground. Attackers are still able to remain undetected for considerable periods of time and are wreaking havoc in many organisations. </p>
<p>It is interesting that the Education and Research sector has been hit hardest, probably skewed due to COVID and attacks trying to gather information regarding treatments and vaccinations. We have also seen a dramatic shift in the attackers who are now targeting individuals to great effect, not just enterprises. Attackers are starting to find greater success in these low-level attacks, such as targetting employees who may not follow the correct protocol with private or corporately sensitive information. Cyber security teams need to be looking at new ways of working, as the old ways are obviously not working well.</p>
<p>It is no surprise that we have continued to see a rise in cyber-attacks throughout 2021. Cybercriminals have used the pandemic to prey on victims when they are most vulnerable, and unfortunately, many businesses were unprepared for the uncertainty brought about by the global pandemic. What this data does show is that organisations today must stop seeing cyber attacks simply as a technical nuisance when they are much more than that. They are a reality.</p>
<p>Unfortunately, the weakest link in cybersecurity is people, and cybercriminals are aware that praying on people during a vulnerable time is likely to reap higher benefits. Therefore, in order to reduce the attackers’ likelihood of success, we must foster a culture of security awareness in order to create an informed society that can identify when they are being targeted by a cyberattack. Businesses should also take advantage of additional security mechanisms such as secure VPNs for remote employees and if possible, partner with MSPs to manage risks, not only threats.</p>