Check Point Software's 2022 Security Report: Global Cyber Pandemic's Magnitude Revealed

Published: 2022-01-21 12:43:06 ET CHKP

Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has released its 2022 Security Report. From the SolarWinds attack at the beginning of the year, which presented a whole new level of sophistication and spread, all the way through to December and the influx of Apache Log4j vulnerability exploitations, the 2022 Security Report reveals the key attack vectors and techniques witnessed by CPR during 2021.

Overall in 2021, organizations experienced 50% more weekly cyber-attacks than in 2020. With the Education/Research sector's 1,605 weekly attacks taking the lead (75% increase). This was followed by Government/Military with 1,136 weekly attacks (47% increase) and Communications with 1,079 weekly attacks (51% increase). Software vendors experienced the largest year-on-year growth (146%) which goes hand-in-hand with the ever-increasing trend of software supply chain attacks observed in 2021. This last year has also seen evolving attacks on mobile devices, an increase in major cloud services vulnerabilities and the return of the notorious Emotet botnet.

Highlights from the 2022 Security Report include:

"In a year that began with the fallout from one of the most devastating supply chain attacks in history, we've seen threat actors grow in confidence and sophistication," said Maya Horowitz, VP Research at Check Point Software. "This culminated in the Log4j vulnerability exploit which, yet again, caught the security community off-guard and brought to the fore the sheer level of risk inherent in software supply chains. In the months between, we saw cloud services under attack, threat actors increasing their focus on mobile devices, the Colonial Pipeline held to ransom, and the resurgence of one of the most dangerous botnets in history."

Maya continued: "But it's not all doom and gloom. We also saw cracks in the ransomware ecosystem widen in 2021, as governments and law enforcement agencies around the world resolved to take a tougher stance on ransomware groups in particular. Instead of relying on reactive and remedial action, some shocking events woke governments up to the fact that they needed to take a more proactive approach to deal with cyber risk. That same philosophy extends to businesses too, who can no longer afford to take a disjointed, siloed, reactionary approach to deal with threats. They need 360-degree visibility, real-time threat intelligence, and security infrastructure that can be mobilized in an effective, joined-up manner."

Cyber Attack Categories by Region in 2021

Average weekly attacks per organization, by industry 2021, compared to 2020

The 'Cyber Attack Trends: 2022 Security Report' gives a detailed overview of the cyber-threat landscape. These findings are based on data drawn from Check Point Software's ThreatCloud Intelligence between January and December 2021, highlighting the key tactics cyber-criminals are using to attack businesses.

Follow Check Point Research via:

Blog: https://research.checkpoint.com/ Twitter: https://twitter.com/_cpresearch_

About Check Point Research

Check Point Research (CPR) provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point solutions are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.

Disclaimer

Check Point Software Technologies Ltd. published this content on 21 January 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 21 January 2022 17:42:05 UTC.