Check Point Research (CPR), the Threat Intelligence arm of Check Point Software Technologies Ltd., a leading provider of cybersecurity solutions globally, warns of a further increase in cyberattacks and thinks it could be partly down to major powers leaking, what they refer to as, ‘cyber superweapons’.
“We have long warned that organisations of all sizes are being bombarded by a global fifth generation of cyber threats (Gen V). These are multi-vector cyber threats that can cause fatal damage and irreparable harm to the reputation of the compromised company,” said Pankaj Bhula, Regional Spokesperson at Check Point Software.
“However, most companies are only secured against what we call third-generation threats (Gen III), which are threats that we’ve known about since the early 2000s and which seek to exploit vulnerabilities in applications. Cybercrime is evolving at such a breakneck pace that falling behind on protection for weeks or months can have serious consequences, let alone when security is years out of date. It’s no wonder then that the pages of newspapers are filled with articles about victims of cyberattacks,” Bhula continues.
Check Point believes that the problem is likely to be compounded by cyber superweapons being allegedly developed by major powers around the world. In the real world, it can take months or years to prepare for a military conflict. In the online world, a ‘war‘ can be unleashed in seconds.
A cyber superweapon is a piece of malware used against a nation-state causing it significant harm. Perhaps the most high-profile example in recent years is the SolarWinds Sunburst attack.
It is unfortunate that even small hacker groups have access to very dangerous threats because sooner or later these strategic cyber weapons are leaked.
Dirty Deeds, Dirt Cheap
Moreover, threats and attacks are traded on the darknet, for example, so the number of potential cybercriminals is even larger. Customized data, threats and attacks can be purchased, so amateurs can cause devastating damage for a few tens of dollars.
Stopping the cyberattack pandemic will require cooperation between governments, cybersecurity companies as well as individual organizations.
In May 2021, US organizations saw an average of 671 weekly attacks. This is a 25% increase from the beginning of the year where organizations faced 589 weekly attacks.
Cyber Attacks Surge Worldwide
In Europe, the Middle-East and Africa (EMEA), the weekly average of attacks per organization was 780 in May, compared to 643 at the start of the year, a 21% increase.
The comparison with May 2020 sounds even scarier. Year-over-year, there was a 70% increase in cyberattacks on US organisations and a 97% increase in EMEA.
In EMEA, malware attacks on IoT devices (up 144%) and mobile attacks (up 41%) rocketed.
It is also interesting to compare attacks on individual industries. While the Americas saw the largest increases in attacks on carriers (up 51%), software (up 43%) and consulting companies (up 25%) in May, and the largest decreases in attacks on hardware manufacturers (down 69%) and education/research companies (down 22%).
Europe, the Middle East and Africa saw the third-largest increase in attacks on hardware manufacturers (up 26%). Similar to the Americas, software vendors (up 64%) and utilities (up 46%) saw even bigger jumps. Interestingly attacks fell for enterprises in the healthcare sector (down 13%) and financial/banking (down 16%).
“Threat detection alone has long been insufficient. Once an attack has penetrated a device or corporate network in any way, it’s too late. It is therefore essential to use advanced threat prevention solutions that stop even the most advanced attacks as well as zero-day and unknown threats,” concluded Bhula