Check Point Research: 2023

23 January 2024 Cyber Security

Check Point Research: Ransomware attacks on global organizations in 2023 will increase at an unprecedented rate.

  • In 2023, one in 10 organizations globally experienced ransomware attacks, up 33% from the previous year.
  • This represents a significant increase compared to 2022, when one in 13 organizations suffered a ransomware attack.
  • During 2023, organizations around the world experienced a total of 60,000 attacks, with an average of 1158 attacks per week each. The Retail/Wholesale sectors experienced a significant increase in weekly attacks, up 22% from 2022.

Global Trends in Global Cyber Attacks

As the digital landscape marks 2023 as another year of sustained cyberattacks on a global level, this research published by Check Point Research provides a revealing look at the ever-changing landscape of cyber threats, including comprehensive analysis of cyberattack data, statistics across all regions and on a global scale.

*The data in this report is derived from ThreatCloud AI, Check Point’s Big Data Intelligence engine. ThreatCloud AI analyzes big data telemetry and millions of Indicators of Compromise (IoC) every day. The threat intelligence database is fed from 150,000 connected networks and millions of endpoint devices, as well as information from Check Point Research and dozens of external sources. ThreatCloud AI updates emerging threats and protections across Check Point’s entire security stack in real time.

Total Global Attacks

2023 saw a steady increase in cyber threats. Organizations around the world experienced an average of 1158 cyber attacks per week. This represents a 1% increase in cyberattacks compared to 2022 and continues the significant increase from previous years, indicating a continuous and worrying trend in the digital threat landscape. In 2023, the threat landscape evolved, particularly in how ransomware threats were implemented. While ransomware continues to pose a serious risk, particularly to smaller and less powerful businesses, a notable shift has occurred, with some attackers focusing on data theft and campaigns focused purely on blackmail. This change in tactics was particularly evident in the MOVEit and GoAnywhere incidents. These attacks did not use traditional encryption-based ransomware; instead, attackers focused on demanding payment in exchange for not making the stolen data public.

Global Attacks by Industry

An industry-by-industry analysis reveals a dynamic shift. There was a notable 12% decrease in attacks targeting the Education/Research sector, which was previously the primary target, but still tops the list with the highest volume of cyberattacks. However, the Retail and Wholesale sectors have seen a shift in attacker focus, with a 22% increase, while the 3% increase in attacks in the Healthcare sector is particularly worrying given the critical nature of its services.

 

The exposure of the Retail/Wholesale Sectors to a significant number of cyber-attacks in 2023 can be attributed to several key factors:

  1. Large Customer Data Volume: Retail and wholesale businesses often process large amounts of personal and financial data from customers. This makes them attractive targets for cybercriminals trying to steal sensitive information such as credit card numbers, addresses and personal identification details for identity theft or selling on the dark web.
  2. Highly Connected and Digitized Transactions: With the advancement of technology, these industries have embraced digital transformation, emphasizing online transactions and interconnected systems. This increased digital footprint offers more entry points for cyber attackers.
  3. Complex Supply Chain Networks: Retailers and wholesalers often have complex supply chain networks with many suppliers and third-party service providers. Every node in this network can be a weakness if not sufficiently secured, providing cybercriminals with a number of avenues of attack.
  4. E-Commerce and Online Presence: The growth of online shopping has led to the expansion of e-commerce platforms. These platforms, if not built and maintained securely, can be exploited in a variety of ways, such as SQL injections, cross-site scripting or other web application attacks.
  5. Inadequate Cybersecurity Measures: Smaller retailers and wholesalers may not have strong cybersecurity defenses compared to large companies, making them easier targets for cyberattacks.
  6. High Transaction Volume: High daily transaction volumes make fraudulent activity harder to detect. Cybercriminals exploit this to try to blend their malicious activity into a large number of legitimate transactions.
  7. Seasonal Activity Spikes: Retail/Wholesale sectors often experience seasonal spikes in activity, such as holiday or shopping seasons, during which increased transaction volume and busy staff can lead to a lack of vigilance and increased susceptibility to attacks such as phishing or ransomware.

Global Attacks by Region:

Regionally, APAC stood out with the highest weekly attack average, with an average of 1930 attacks per organization, which represents a 3% increase compared to the previous year, while Africa experienced a significant 12% increase in the average weekly attack per organization, reaching an average of 1900 attacks.

2023 – The Year of Mega Ransomware Attacks

In 2023, the ransomware landscape experienced a significant shake-up and was marked by a massive increase in traditional ransomware and the more impressive mega-ransomware. This worrying trend was highlighted by the alarming prevalence of zero-day attacks, which increased the size of the damage inflicted and the number of victims affected, with many hacking groups (sometimes falsely) claiming responsibility.

Adding to the urgency of the situation, new regulatory pressures have forced more companies to disclose incidents of cyber blackmail, raising collective awareness of the pervasive threat. The dominant story of 2023 has become synonymous with the relentless onslaught of mega-ransomware attacks, leaving organizations grappling with the consequences of these malicious attacks as attackers continue their malicious activities.

Another notable change was observed in the execution strategies of these ransomware attacks. Traditionally focusing on encrypting victim data and demanding a ransom in exchange for its release, these attacks have been observed to take a different approach, with an increase in 2023.

 

Ransomware Attacks by Region: America Experiences the Largest Annual Increase The impact of ransomware on organizations has been seen across the world’s main regions. In 2023, the APAC region stood out with the highest proportion of 11% of organizations experiencing a ransomware attack, while the Americas saw the largest increase – from 5% of organizations in 2022 to 9% last year.

 

 

Conclusion

The 2023 data provides valuable insights into the changing nature of cyber attacks, highlighting the need for adaptive and robust cyber defense strategies. As cyber threats continue to evolve in complexity and frequency, adapting to these trends in advance is not only a recommended step, but an essential requirement for ensuring global cyber resilience.

 

Source: https://blog.checkpoint.com/research/check-point-research-2023-the-year-of-mega-ransomware-attacks-with-unprecedented-impact-on-global-organizations/

Categories

Diğer Yazılar

Yardım ve Destek Alın

Çözümler, hizmetler, etkinlikler veya diğer merakettikleriniz için iletişim formunu doldurarak destek alın. 






            

                          

                        

                  
                  +90 (216) 515 40 00