Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies has released its ‘Cyber Attack Trends: 2021 Mid-Year Report’.
The report reveals how cyber criminals have continued to exploit the global shift to hybrid working and target organisations across all sectors, including government, healthcare and critical infrastructure.
Organisations have experienced a 29% increase in cyber-attacks globally. The EMEA region showed the highest growth with 36%, followed by the Americas with an increase of 34% with APAC witnessing a 13% growth in attacks.
Maya Horowitz, VP Research at Check Point Software, said, “In the first half of 2021, cyber criminals have continued to adapt their working practices in order to exploit the shift to hybrid working, targeting organisations’ supply chains and network links to partners in order to achieve maximum disruption.”
She added that this year cyber-attacks have continued to break records and we have even seen a huge increase in the number of ransomware attacks, with high-profile incidents such as Solarwinds, Colonial Pipeline, JBS or Kayesa.
“Looking ahead, organisations should be aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced ones.”
This year has also seen a new ‘Triple Extortion’ ransomware technique emerge. While there have been successful international operations targeting cyber-crime, such as the take-down of the notorious Emotet botnet, threat actors launched sophisticated attacks which exploited organisations’ supply chains to cause widespread disruption.
Key trends revealed in the report include:
Global increase in cyber-attacks: In 2021, US organisations saw an average of 443 weekly attacks, marking a 17% increase compared to earlier this year. In EMEA, the weekly average of attacks per organisation was 777, a 36% increase. APAC organisations saw 1338 weekly attacks, a 13% increase. Specifically within Europe there was an increase of 27% while Latin America saw an increase of 19%.
The rise of ransomware attacks and ‘Triple Extortion’: Globally, the number of ransomware attacks on organisations increased by 93% in H1 2021, compared to the same period last year. Increasingly, in addition to stealing sensitive data from organisations and threatening to release it publicly unless a payment is made, attackers are now targeting organisations’ customers and/or business partners and demanding ransom from them too.
Supply chain attacks step up: The well-known SolarWinds supply chain attack stands out in 2021 due to its scale and influence, but other sophisticated supply chain attacks have occurred such as Codecov in April, and most recently Kaseya.
The race to become Emotet’s successor: Following the botnet’s takedown in January, other malwares are quickly gaining popularity, namely: Trickbot, Dridex, Qbot and IcedID.
Predictions for H2 2021: Ransomware will grow, despite law enforcement stepping up. Increased use of penetration tools to give live hackers ability to customise attacks on the fly and a trend towards collateral damage well beyond the initial target victim calls for a collateral damage strategy.
