Corporate Cyber-Attacks Spike 50% in 2021

Global weekly cyber-attacks hit an all-time high in Q4 2021 of 925 attempts per organization, according to new data from Check Point.

The security vendor analyzed information collected by hundreds of millions of global sensors from its Threat Prevention products across networks, endpoints and mobiles.

It claimed attempted attacks have been continuously increasing since Q2 2020, with 50% more attacks seen per week on corporate networks in 2021 compared to 2020.

The education and research sector experienced the highest volume of attacks during 2021, amounting to an average of 1605 per organization every week, a 75% increase on 2020.

It was followed by government/military with 1136 attacks, up 47% year-on-year, and communications with 1079, up 51%.

Africa experienced the highest volume of weekly attacks in 2021, with an average of 1582 per organization, a 13% increase from 2020. However, European organizations experienced the most significant increase in weekly attacks, up 68% to 670, according to the report.

Ransomware was particularly prevalent over 2021. Check Point warned last October that attacks had spiked 40% since 2020, with one out of every 61 organizations worldwide impacted each week.

Check Point urged firms to segment their networks, patch promptly, educate their employees and layer up advanced security controls like sandboxing and anomaly detection.

Hank Schless, senior manager of security solutions at Lookout, argued that the persistent impact of the pandemic might explain some of the 2021 findings.

“Attackers almost always go after groups that they perceive to be most vulnerable in order to have the greatest chance of success. The idea of e-learning was in very early stages when the pandemic hit, so for entire school systems, universities, research centers and more to have to flip their continued collaboration and education to fully remote infrastructure overnight was beyond difficult,” he added.

“Before, there may have been some basic cloud-based apps or infrastructure in place that enabled teachers and staff to collaborate or for students to turn in work, but the capacity and security was not ready to take on the complexity of remote learning at the drop of a hat.”

Jasmine Henry, field security director at JupiterOne, warned that the discovery of more bugs like Log4Shell could make 2022 another record year for attackers.

What’s Hot on Infosecurity Magazine?