Geopolitical conflicts and increased cyber threats and malware according to Check Point Software
Editor’s brief: Even as the world slowly exits from the hyper-panic of infectious disease, it quickly enters into more turmoil with global trade and armed conflicts, wrecking havoc on global food and energy supplies, trade, and economies. Under the storm of all these major challenges, cyber threats increase tremendously. A recent report by leading cybersecurity vendor Check Point Software aimed to shed some light on how 2023 might be shaping up in terms of cyber threats. Read more below.
SINGAPORE – Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a global leader in cybersecurity solutions, has released its 2023 Security Report, which reflects on a tumultuous year in the industry. The report was compiled by Check Point Research (CPR). The report looks back on 2022, a year marked by unprecedented levels of cybercrime in response to the Russian-Ukrainian conflict. While attacks on educational and research institutions have decreased, attacks on the healthcare sector have increased by 74% annually.
According to the report, the number of cyberattacks in 2022 has increased by 38 percent from the previous year, with an average of 1,168 attacks per company per week. The use of legitimate collaboration tools in a hybrid workplace is highlighted in the report, as is the role played by smaller and more agile hacker and ransomware groups. The 2023 Security Report explores the year’s defining trends and behaviors, from the proliferation of hacktivism in conflict zones in Eastern Europe and the Middle East to the emergence of new ransomware variants.
Key findings from the 2023 Security Report include:
- Hacktivism – The boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred, as nation-states act with anonymity and impunity. Non-state affiliated hacktivist groups have become more organised and effective than ever before.
- Ransomware extortion – Ransomware operations are becoming more challenging to attribute and track, and existing protection mechanisms that are based on detecting encryption activity may become less effective. The focus will instead be on data wiping and exfiltration detection.
- Cloud: Third party threats – The number of attacks on cloud-based networks per organisation has skyrocketed, with a 48% rise in 2022 compared to 2021. The shift in threat actors’ preference to scan the IP range of cloud providers highlights their interest in gaining easy access to sensitive information and critical services.
Insights tailored to chief information security officers are included in the report to highlight the most pressing security priorities for the coming year. The cyber-skills gap can be closed by simplifying systems, cloud misconfigurations can be kept to a minimum in cost, and network vulnerabilities that may go undetected by humans can be found through the increased use of automation and artificial intelligence.
“There is no doubt we will see an increase in the volume of attacks over the next twelve months. Cloud migration has created a wider attack surface for cybercriminals, and the legitimate tools we all use will be further manipulated by cybercriminals. This has already been demonstrated in the case of ChatGPT, with Russian cybercriminals trying to bypass OpenAI’s API restrictions and gain access to the chatbot for malicious reasons” said Maya Horowitz, VP Research at Check Point Software. “Add to this the widening cyber skills-gap and the increasing complexity of distributed networks, and we have the perfect storm for cybercriminals. To mitigate the risk of cybercrime, CISOs can begin by reading our 2023 Security Report and ensuring continued cybersecurity education for employees. Raising awareness of current threats and emerging tactics used by threat actors can help safeguard organisations from malicious threats in the future.”
The Security Report’s findings are based on data drawn from the Check Point ThreatCloud Cyber-Threat Map, which looks at the key tactics cybercriminals are using to carry out their attacks.