Geo-political conflict triggers increase in cyberattacks and the rise of ‘disruption and destruction’ malware
Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its 2023 Security Report reflecting on a chaotic year in cybersecurity. The report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war. Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year.
According to the report, cyberattacks have risen by 38% in 2022 compared to the previous year, with an average of 1,168 weekly attacks per organization being recorded. The report also highlights the role played by smaller and more agile hackers and ransomware groups in exploiting legitimate collaboration tools used in the hybrid workplace. From the rise of new ransomware variants to the spread of hacktivism in conflict areas in Eastern Europe and the Middle East, the 2023 Security Report uncovers the trends and behaviors that defined the year.
Key findings from the 2023 Security Report include:
- Hacktivism – The boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred, as nation-states act with anonymity and impunity. Non-state affiliated hacktivist groups have become more organized and effective than ever before.
Ransomware Extortion -ransomware operations are becoming more challenging to attribute and track, and existing protection mechanisms that are based on detecting encryption activity may become less effective. The focus will instead be on data wiping and exfiltration detection.
- Cloud: Third Party Threat – The number of attacks on cloud-based networks per organization has skyrocketed, with a 48% rise in 2022 compared to 2021. The shift in threat actors´ preference to scan the IP range of cloud providers highlights their interest in gaining easy access to sensitive information and critical services.
The report also offers insights specifically for CISOs, aimed at drawing attention to critical security actions for the coming year. These insights include reducing complexity to bridge the cyber-skills gap, limiting the cost of cloud misconfigurations, and increasing the use of automation and AI to detect network risks that may go unnoticed by the human eye.
“There is no doubt we will see an increase in the volume of attacks over the next twelve months. Cloud migration has created a wider attack surface for cybercriminals, and the legitimate tools we all use will be further manipulated by cybercriminals. This has already been demonstrated in the case of ChatGPT, with Russian cybercriminals trying to bypass OpenAI’s API restrictions and gain access to the chatbot for malicious reasons” said Maya Horowitz, VP Research at Check Point Software. “Add to this the widening cyber skills-gap and the increasing complexity of distributed networks, and we have the perfect storm for cybercriminals.”
Ms. Horowitz adds, “To mitigate the risk of cybercrime, CISOs can begin by reading our 2023 Security Report and ensuring continued cybersecurity education for employees. Raising awareness of current threats and emerging tactics used by threat actors can help safeguard organizations from malicious threats in the future.”
The Security Report´s findings are based on data drawn from the Check Point ThreatCloud Cyber-Threat Map, which looks at the key tactics’ cybercriminals are using to carry out their attacks. A full copy of the report is available here on the interactive site.