04 February, 2022

146% increase in cyberattacks on software vendors in 2021

From supply chain attacks to ransomware, organisations experienced 50% more cyberattacks weekly in 2021 than in 2020, according to Check Point Research’s (CPR) 2022 Security Report. Key highlights from the report include the return of Emotet, cracks in the ransomware ecosystem and vulnerabilities in cloud services.

Highlights:

In 2021, organisations experienced 50% more cyberattacks weekly than in 2020. Cyberattacks against the top 16 industries increased by an average of 55%. The education/research sector’s 1,605 weekly attacks took the lead (75% increase) while the government/military category saw an average of 1,136 weekly attacks (47% increase). Communications saw an average of 1,079 weekly attacks (51% increase), and software vendors experienced the largest year-on-year growth in cyberattacks (146%).

Supply chain attacks

The infamous SolarWinds attack laid the foundations for a supply chain attack frenzy. 2021 saw numerous sophisticated attacks such as Codecov in April and Kaseya in July, concluding with the Log4j vulnerability that was exposed in December. The striking impact achieved by this one vulnerability in an open-source library demonstrates the immense inherent risk in software supply chains, CPR noted. 

Disrupting life

2021 saw an increase in attacks targeting critical infrastructure, which led to huge disruption to individuals’ day-to-day lives and in some cases even threatened their sense of physical security. Cloud provider vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content and even cross between different environments, CPR said.

Mobile developments

Throughout the year, threat actors have increasingly used smishing (SMS phishing) for malware distribution and have invested substantial efforts in hacking social media accounts to obtain access to mobile devices. The continued digitisation of the banking sector in 2021 led to the introduction of various apps designed to limit face-to-face interactions, and those in turn have led to the distribution of new threats. 

Cracks in the ransomware ecosystem

Governments and law enforcement agencies changed their stance on organised ransomware groups in 2021, turning from preemptive and reactive measures to proactive offensive operations against the ransomware operators, their funds and supporting infrastructure.

The same philosophy extends to businesses too, CPR said. Businesses can no longer afford to take a disjointed, siloed, reactionary approach to dealing with threats. They need 360-degree visibility, real-time threat intelligence, and a security infrastructure that can be mobilised effectively.

And while the REvil ransomware gang was arrested in Russia, CPR pointed out that code cannot be arrested. "It only takes one or two members or affiliates of the gang to escape with the key attack tools for REvil to re-emerge at a later date, possibly in another country. We can only hope this is not the case," the research facility stated.

"It’s certainly not the end of ransomware, but every measure that governments can take, by sharing intelligence, to restrict such criminal activity is to be welcomed." 

Source: CPR. 2022 Security Report. Chart showing the percentage of corporate networks attacked by different malware types in the Asia-Pacific region.

Return of Emotet

One of the most dangerous and infamous botnets in history returned in November. CPR found Emotet's activity to be at least 50% of the level seen in January 2021, shortly before its initial takedown. This rising trend continued throughout December with several end-of-year campaigns, and is expected to continue well into 2022, at least until the next takedown attempt.

In a year that began with the fallout from one of the most devastating supply chain attacks in history, threat actors have grown in confidence and sophistication. This culminated in the Log4j vulnerability exploit which, yet again, caught the security community off-guard and brought to the fore the sheer level of risk inherent in software supply chains, CPR stated.
