Latest
Check Point Software’s Mid-Year Cybersecurity Report: A dramatic global 93% increase in ransomware attacks on enterprises in the first half of the year
The trio of ransomware, supply chain attacks, and remote cyber-attacks will have broader impacts on enterprises
(August 9, 2021, Taipei) Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has released its ‘Cyber Attack Trends: 2021 Mid-Year Report’, which shows how cyber criminals have continued to exploit the global shift to hybrid working and target organizations across all sectors, including government, healthcare and critical infrastructure.
Organizations have experienced a 29% increase in cyber-attacks globally. The EMEA region showed the highest growth with 36%, followed by the Americas with an increase of 34% with APAC witnessing a 13% growth in attacks. This year has also seen a new ‘Triple Extortion’ ransomware technique emerge. While there have been successful international operations targeting cyber-crime, such as the take-down of the notorious Emotet botnet, threat actors launched sophisticated attacks which exploited organizations’ supply chains to cause widespread disruption.
Cyber Attack Categories by Region in H1 2021:
Key trends revealed in the report include:
Global increase in cyber-attacks: In 2021, US organizations saw an average of 443 weekly attacks, marking a 17% increase compared to earlier this year. In EMEA, the weekly average of attacks per organization was 777, a 36% increase. APAC organizations saw 1338 weekly attacks, a 13% increase. Specifically within Europe there was an increase of 27% while Latin America saw an increase of 19%.
The rise of ransomware attacks and ‘Triple Extortion’: Globally, the number of ransomware attacks on organizations increased by 93% in H1 2021, compared to the same period last year. Increasingly, in addition to stealing sensitive data from organizations and threatening to release it publicly unless a payment is made, attackers are now targeting organizations’ customers and/or business partners and demanding ransom from them too.
Supply chain attacks step up: The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred such as Codecov in April, and most recently Kaseya.
The race to become Emotet’s successor: Following the botnet’s takedown in January, other malwares are quickly gaining popularity, namely: Trickbot, Dridex, Qbot and IcedID.
“In the first half of 2021, cyber criminals have continued to adapt their working practices in order to exploit the shift to hybrid working, targeting organizations’ supply chains and network links to partners in order to achieve maximum disruption,” said Maya Horowitz, VP Research at Check Point Software. “This year cyber-attacks have continued to break records and we have even seen a huge increase in the number of ransomware attacks, with high-profile incidents such as Solarwinds, Colonial Pipeline, JBS or Kaseya. Looking ahead, organizations should be aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones. ”
Top predictions for H2 highlighted in the report include:
The war on Ransomware will intensify: Ransomware attacks will continue to proliferate despite increased investment from governments and law enforcement, especially as the Biden Administration makes this a priority. With such investment and ever more advanced tools, the authorities will enjoy some successes, but threat actors will evolve, and new groups will emerge in the ransomware arms race.
Man-in-the-Middle becomes the hacker in the network: Over the past two years, we have seen an acceleration in the use of penetration tools, such as Cobalt Strike and Bloodhound. These tools don’t just pose a real challenge from a detection point of view, they also grant hackers live access to compromised networks, allowing them to scan and scroll at will and customize attacks on the fly. Security professionals will need a whole new set of skills to detect this form of attack and prevent it from happening in the future.
Collateral Damage beyond the initial target: The growing trends of triple extortion, supply chain attacks and even just remote cyber-attacks may affect businesses more than ever. The triple extortion trend in ransomware now includes not only the original target organization, but also its customers, partners and vendors. This multiplies the actual victims of each attack and requires a special security strategy.
Check Point provides zero-day protection with its networks, cloud, users and access security solutions. Our evasion-resistant technology maximizes zero-day protection without compromising business productivity. For the first time, businesses can reduce the risk of unknown attacks by implementing a prevent-first approach.
The ‘Cyber Attack Trends: 2021 Mid-Year Report’ gives a detailed overview of the cyber-threat landscape. These findings are based on data drawn from Check Point Software’s ThreatCloud Intelligence between January and June 2021, highlighting the key tactics cyber-criminals are using to attack businesses. A full copy of the report is available from: https://pages.checkpoint.com/cyber-attack-2021-trends.html
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Check Point’s Infinity solution effectively protects enterprises and public institutions from fifth generation cyberattacks with an industry leading catch rate of malware, ransomware and other types of attacks. The three pillars of “Infinity” provide complete protection for various enterprise environments and advanced threat prevention for fifth generation cyberattacks: Check Point Harmony specially produced for remote work, Check Point CloudGuard for automated cloud protection, and Check Point Quantum for network border and data center protection. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.
Check Point Research (CPR) provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point solutions are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.
