Check Point Research (CPR) has released its “Cyber Attack Trends: 2022 Mid-Year Report” highlighting how cyberattacks have become firmly entrenched as a state-level weapon, including the new ransomware method of “Country Extortion” and state-affiliated hacktivism, and the expansion of ransomware as the number one threat.
Besides insight into the evolution of cyberattacks as a state-level weapon complementing actual military conflict, and the elevation of ransomware utilised in nation-state level attacks for financial and social gain, the report also delves into the growth of cloud supply chain attacks through new sources of modules in the open-source community.
Up-to-date statistics on industry and regional cyberattacks as well as advice and predictions for the remainder of 2022 including an analysis of Incident Response exploring the full lifecycle of a cyberattack, presents an integrated view of how cyberattacks have led to major disruption, causing real harm to civic and cyber life in 2022.
“The war in Ukraine has dominated the headlines in the first half of 2022 and we can only hope that it will be brought to a peaceful conclusion soon,” says Maya Horowitz, VP research at Check Point Software. “Its impact on the cyber space has been dramatic in both scope and scale, and we have seen huge increases in cyberattacks against organisations in all sectors and all countries this year. Unfortunately, this will only get worse especially with ransomware now being the number one threat to organisations. However, with the right expertise, strategy and cybersecurity solutions in place, companies are able to prevent attacks from happening.”
Top predictions for H2 highlighted in the report include:
• Ransomware will become a much more fragmented ecosystem – while ransomware groups have become more structured and operate like regular businesses, with set targets to hit, there will be a lesson learned from the Conti ransomware group, whose size and power garnered too much attention, which led to its downfall. Going forward, we think there will be many small-medium groups instead of a few large ones, to hide in plain sight more effectively.
• More diverse email infection chains – due to the implementation of Internet macros being blocked by default in Microsoft office, the more sophisticated malware families will accelerate the development of new infection chains, with different file types that are password protected to prevent detection as sophisticated social engineering attacks increase.
• Hacktivism will continue to evolve – hacktivist groups will continue to align their attacks with the agenda of their chosen nation state, particularly as the Russia-Ukraine war is still ongoing.
• Continued attacks on decentralised blockchain networks with expected first attacks in Metaverse – with major incidents relating to blockchain platforms, such as a vulnerability on Rarible market place or ApeCoin Airdrop vulnerability , we expect to see continued efforts by hackers to breach and hijack crypto assets. In addition we believe that we will see initial attacks in the Metaverse that will exploit smart contract vulnerabilities.