We should be prepared for a further increase in cyberattacks, which could be partly down to major powers leaking cyber superweapons, according to Check Point Research.
“We have long warned that organisations of all sizes are being bombarded by a global, fifth generation of cyber threats (Gen V),” says Pankaj Bhula, regional spokesperson at Check Point Software. “These are multi-vector cyber threats that can cause fatal damage and irreparable harm to the reputation of the compromised company.
“However, most companies are only secured against what we call third generation threats (Gen III), which are threats that we’ve known about since the early 2000s and which seek to exploit vulnerabilities in applications. Cybercrime is evolving at such a breakneck pace that falling behind on protection for weeks or months can have serious consequences, let alone when security is years out of date. It’s no wonder then that the pages of newspapers are filled with articles about victims of cyberattacks.”
The problem is likely to be compounded by cyber superweapons being developed by major powers. In the real world, it can take months or years to prepare for a military conflict. In the online world, a ‘war’ can be unleashed in seconds. A cyber superweapon is a piece of malware used against a nation-state causing it significant harm. Perhaps the most high-profile example in recent years is the SolarWinds Sunburst attack.
Even small hacker groups have access to very dangerous threats, and sooner or later these strategic cyber weapons are leaked by the major powers. Moreover, threats and attacks are traded on the darknet for example, so the number of potential cybercriminals is even larger. Customised data, threats and attacks can be purchased, so amateurs can cause devastating damage for a few tens of dollars.
Stopping the cyberattack pandemic will require cooperation between governments, cybersecurity companies as well as individual organizations.
In May 2021, US organisations saw an average of 671 weekly attacks. This is a 25% increase from the beginning of the year where organizations faced 589 weekly attacks. In EMEA, the weekly average of attacks per organization was 780 in May, compared to 643 at the start of the year, a 21% increase.
The comparison with May 2020 sounds even scarier. Year-over-year, there was a 70% increase in cyberattacks on US organisations, and a 97% increase in EMEA.
In the Americas, botnet attacks increased the most in May, up 26% compared to the beginning of this year. This was followed by infostealers (up 19%), banking Trojans (10%) and ransomware (9%). In EMEA, malware attacks on IoT devices (up 144%) and mobile attacks (up 41%) rocketed.
It is also interesting to compare attacks on individual industries, says Bhula. While the Americas saw the largest increases in attacks on carriers (up 51%), software (up 43%) and consulting companies (up 25%) in May, and the largest decreases in attacks on hardware manufacturers (down 69%) and education/research companies (down 22%); the EMEA region saw the third largest increase in attacks on hardware manufacturers (up 26%). Similar to the Americas, software vendors (up 64%) and utilities (up 46%) saw even bigger jumps. Interestingly attacks fell for enterprises in the healthcare sector (down 13%) and financial/banking (down 16%).
“Threat detection alone has long been insufficient. Once an attack has penetrated a device or corporate network in any way, it’s too late. It is therefore essential to use advanced threat prevention solutions that stop even the most advanced attacks as well as zero-day and unknown threats,” concluded Bhula.