Check Point Research has released its 2023 Security Report reflecting on a chaotic past 12 months in cybersecurity which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war.
Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year.
According to the report, cyberattacks rose by 38% in 2022 compared to the previous year, with an average of 1 168 weekly attacks per organisation being recorded. The report also highlights the role played by smaller and more agile hackers and ransomware groups in exploiting legitimate collaboration tools used in the hybrid workplace.
From the rise of new ransomware variants to the spread of hactivism in conflict areas in Eastern Europe and the Middle East , the 2023 Security Report uncovers the trends and behaviours that defined the year.
Key findings from the 2023 Security Report include:
* Hacktivism – The boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred as nation-states act with anonymity and impunity. Non-state affiliated hacktivist groups have become more organised and effective than ever before.
* Ransomware extortion -ransomware operations are becoming more challenging to attribute and track, and existing protection mechanisms that are based on detecting encryption activity may become less effective. The focus will instead be on data wiping and exfiltration detection.
* Cloud: Third-party threat – The number of attacks on cloud-based networks per organisation has skyrocketed, with a 48% rise in 2022 compared to 2021. The shift in threat actors´ preference to scan the IP range of cloud providers highlights their interest in gaining easy access to sensitive information and critical services.
The report also offers insights specifically for CISOs, aimed at drawing attention to critical security actions for the coming year. These insights include reducing complexity to bridge the cyberskills gap, limiting the cost of cloud misconfigurations, and increasing the use of automation and AI to detect network risks that may go unnoticed by the human eye.
“There is no doubt we will see an increase in the volume of attacks over the next twelve months,” says Maya Horowitz, VP Research at Check Point Software. “Cloud migration has created a wider attack surface for cybercriminals and the legitimate tools we all use will be further manipulated by cybercriminals. This has already been demonstrated in the case of ChatGPT, with Russian cybercriminals trying to bypass OpenAI’s restrictions and gain access to the chatbot for malicious reasons.
“Add to this the widening cyberskills gap and the increasing complexity of distributed networks, and we have the perfect storm for cybercriminals.”