A recap of this year’s major cyberattacks should jolt organizations out of cyber complacence and into a proactive defense stance.
This year, cyberattacks linked to pandemic-related developments continued to impact organizations worldwide, with attackers doubling down and taking advantage of every new coronavirus strain and its effect on global measures to contain it.
Compared to 2020, cyberattacks on organizations worldwide were up 40% in Check Point Research’s (CPR) studies, with one in every 61 organizations impacted by ransomware each week during the same period.
In the Asia Pacific region, we are seeing the highest volume of ransomware attack attempts, with one out of 34 organizations being impacted every week in 2021. Singapore saw the biggest jump, recording a 106% increase in cyberattacks over 2020. Indonesia had the highest number of attacks in terms of volume, with an average of 2,981 weekly attacks per organization in 2021, a 15% increase from 2020.
Here is a summary of some key cyber incidents and learning points that organizations can use to plan better for 2022:
- Global boom in fake vaccination documents: The global demand for fake vaccination certificates exploded tenfold from August to September this year, and the demand for fake vaccination cards and certificates continues to grow. Cybercriminals are capitalizing on these pandemic-related trends, as evidenced by reports of fake vaccine certificates previously sold for as low as US$80–100 on the Dark Web and even on the open web.
- Attacks on critical infrastructure: Across the globe, cybercriminal organizations increased attacks on essential services and governmental bodies. One example of the scale and danger of these crimes is the cyberattacks on Iran’s train system earlier this year, which interrupted services and directed passengers to call the phone number of the office of Iranian Supreme Leader Khamenei. The incident served as an important call for governments worldwide to proactively increase critical infrastructure security, because the recovery process can be complicated and lengthy.
- Triple-extortion ransomware attacks: In Check Point Software’s 2021 mid-year report, we introduced the emerging Triple Extortion attacks. An example is the REvil ransomware, one of the most prominent families, responsible for dozens of major breaches since 2019 and, more recently, for the July Kaseya and JBS cyberattacks this year.
- Supply chain attacks: The increase in cyber incidents has led organizations to realize that they are only as strong as their weakest link. Supply chain incidents piqued researchers’ interest following the SolarWinds attack. As a result, they identified security flaws in Atlassian, an Australian-founded software platform with more than 180,000 customers worldwide. With just one click, an attacker could have used the flaws to gain access to the system and obtain sensitive information. CPR responsibly disclosed the research findings to Atlassian, which subsequently deployed a fix for potential account takeover. Distributed workforces and remote technologies have exacerbated the trend in supply chain attacks; however, it is imperative to ensure these technologies have the best defenses against malicious data extraction.
- Hybrid workplace risks: One of the key challenges facing organizations in a hybrid work environment is the intensity of cyberattacks rather than the exposure to new vulnerabilities. Cybercriminals are fully aware of how long industries can take to identify and remediate vulnerabilities; patching could take days, weeks, or even months if organizations do not have the proper security policies and infrastructure. The bottom line: the hybrid workplace is now very much a part of our everyday life, and IT professionals and employees need to step up to ensure each endpoint is secured.
We now live in an age where critical infrastructure can easily be disrupted in any corner of the world. What is most concerning is that most of the time, these incidents could have been prevented.
Ensure you have an effective disaster recovery plan in place, make sure your systems are up to date, and leverage the appropriate software solutions to protect against threats and other attack vectors.
No business or individual is immune to attacks. To stay ahead of threats, organizations need to adopt a proactive approach to cybersecurity. Every unprotected surface or endpoint is a weak point to be exploited by malicious actors.