Not that anyone assumed differently, but cyberattacks proliferated the internet in 2021, with researchers noting 50% more attacks per week on corporate networks compared to 2020, according to cybersecurity firm Check Point.
The 2021 data comes just a few months after the company reported in October a 40% increase in cyberattacks globally. However, the fourth quarter of 2021 was a particularly busy one for IT professionals, largely due to the Log4j vulnerabilities.
The remote code execution bugs in the popular Java logger discovered last month appears to have pushed that increase to 50%. According to Check Point, there were 925 cyberattacks per week per organization globally in the fourth quarter.
This dramatic increase, the firm says, began in the second quarter of 2020 and has continued to wreak havoc on IT and security teams everywhere. That aligns with the start of the COVID-19 pandemic and shift to remote work, which has eliminated the idea of the traditional IT perimeter and exposed organizations to increased risk.
The education and research sector was the hardest hit in 2021, with a reported 1605 weekly attacks per organization, which is a 75% increase from 2020, Check Point reports.
Government and military organizations were the next most targeted in 2021 with 1,136 weekly attacks per organization, a 47% increase over 2020. That was followed by the communications industry, which saw a weekly average of 1,079 cyberattacks per organization, a 51% increase over 2020.
Reporting the largest uptick in weekly cyberattacks were software vendors, which saw a weekly average of 536 attacks per organization, a 146% increase over 2020.
That reflects the need for supply chain security following several intrusions into the build environments of several trusted IT vendors, such as SolarWinds and Kaseya.
Also alarming is the continued attacks against ISPs, MPSs and other third-party services providers. According to Check Point, ISPs and MSPs saw a weekly average of 1,068 cyberattacks in 2021, a 67% increase over the previous year. Meanwhile, other service providers like system integrators, value-added resellers and distributors saw an 18% increase in weekly cyberattacks, but saw far fewer, at 778.
That data reflects the growing trend of threat actors seeking to compromise one organization that has access to the networks of enterprise customers, rather than targeting one organization individually.
Surprisingly, the most targeted regions for attacks were Africa, APAC, Latin America, Europe and North America, in that order. However, North America and Europe both reported increases of at least 61% over 2020.
The company recommends maintain good cybersecurity hygiene, including:
- Applying security patches in a timely manner
- Segmenting networks
- Educating employees on how to recognize threats
- Leveraging IT security tools and software