Check Point Research (CPR) has released its ‘Cyber Attack Trends: 2021 Mid-Year Report’, which shows how cybercriminals have continued to exploit the global shift to hybrid working and target organisations.
Organisations have experienced a 29 percent increase in cyber-attacks globally. The EMEA region showed the highest growth with 36 percent, followed by the Americas with an increase of 34 percent, with APAC witnessing a 13 percent growth in attacks. This year has also seen a new ‘Triple Extortion’ ransomware technique emerge. While there have been successful international operations targeting cyber-crime, such as the take-down of the notorious Emotet botnet, threat actors launched sophisticated attacks which exploited organizations’ supply chains to cause widespread disruption.
Key trends revealed in the report include:
The global increase in cyber-attacks: In 2021, US organizations saw an average of 443 weekly attacks, marking a 17 percent increase compared to earlier this year. In EMEA, the weekly average of attacks per organisation was 777, a 36 per ent increase. APAC organisations saw 1338 weekly attacks, a 13 percent increase. Within Europe, there was an increase of 27 percent while Latin America saw an increase of 19 percent.
The rise of ransomware attacks and ‘Triple Extortion’: Globally, the number of ransomware attacks on organisations increased by 93 percent in H1 2021, compared to the same period last year. Increasingly, in addition to stealing sensitive data from organizations and threatening to release it publicly unless a payment is made, attackers are now targeting organizations’ customers or business partners and demanding ransom from them too.
Consulting its crystal ball, Check Point said that ransomware would grow, despite law enforcement stepping up. Increased use of penetration tools gives live hackers the ability to customise attacks on the fly, and a trend towards collateral damage beyond the initial target victim calls for a collateral damage strategy.
Maya Horowitz, VP Research at Check Point Software, said in the first half of 2021, cybercriminals have continued to adapt their working practices to exploit the shift to hybrid working, targeting organisations’ supply chains and network links to partners to achieve maximum disruption.
“This year, cyber-attacks have continued to break records, and we have even seen a huge increase in the number of ransomware attacks, with high-profile incidents such as Solarwinds, Colonial Pipeline, JBS or Kayesa. Looking ahead, organizations should be aware of the risks and ensure that they have the appropriate solutions in place to prevent, without disrupting the normal business flow, the majority of attacks including the most advanced.”