The cyber-attacks associated with developments related to pandemic worldwide continued to affect organisms in 2021. Cybercriminals redoubled their attacks, exploiting countries facing new mutations of it COVID-19 or change their border management, with the main vehicle being sellers of fake vaccine certificates on the dark web.
Check Point Research recently reported that cyber-attacks on organizations worldwide increased by 40% in 2021, compared to the previous year, with 1 in 61 organizations being affected by ransomware each week over the same period.
As organizations strive to recover from the pandemic, it is important to pay attention to cyber security when planning for next year.
Let's take a look at some of the key cyber incidents and lessons learned from 2021 that will help organizations better insure and protect their businesses, assets and people from potential threats:
Global Rise in COVID-19 Fake Vaccination Documents: Global demand for fake vaccination certificates has skyrocketed in recent weeks.
CPR revealed that the number of sellers increased 10 times from August to September this year. As more and more countries have implemented vaccination certificate demonstration policies coming out of lockdown, the demand for fake certificates is increasing. Cybercriminals are taking advantage of these pandemic-related developments for personal gain, as evidenced by reports of counterfeit vaccine certificates previously sold for $ 80-100 / 110 AUD on the dark web and now on the web.
Attacks on vital infrastructure: Around the world, cybercrime organizations have increased attacks on key services and government agencies, such as transportation, education, etc.
An example of the scale and danger of these incidents is the cyber-attacks on Iran's railway system earlier this year, which resulted in disruptions and led passengers to call the office number of the Supreme Leader of Iran Khamenei.
The incident served as a major appeal to governments around the world to precautionarily increase the security of critical state infrastructure, as the process of recovering from a cyber-attack of this magnitude is complex and time consuming.
Depending on Australia, we saw how the information was held "hostage" as a major publisher was hit hard by a cyber attack, causing its broadcasts to be disrupted. As for the public sector, attackers carried out a cyberattack on the Ministry of Education at the start of the new school term, the first under lockdown, causing severe problems for staff, parents and students.
We live in an age where vital infrastructure can easily be hit in any corner of the world. What is most worrying is that most of the time, these incidents can most likely be prevented.
We urge you to ensure that you have an effective cybersecurity incident recovery plan in place, ensure that your systems are up-to-date and if you are leveraging software third-party trusted security vendors to protect against threats.
Triple-extortion ransomware Attacks: At the Check Point Software 6-Month Report for 2021, we introduced a new type of threat - Triple Extortion attacks, a development into the already emerging ransomware threat.
For example, the REvil ransomware, one of the most prominent families responsible for dozens of major breaches since 2019 and, most recently, the Kaseya and JBS cyberattacks on July 4 earlier this summer.
Supply chain attacks
Incidents of the software supply chain sparked the interest of researchers after the SolarWinds attack. The Check Point Research team identified security vulnerabilities in Atlassian, a software platform based in Australia with more than 180.000 customers worldwide.
With a single click, an attacker could have used the flaws to gain access to the Atlassian Jira error system and obtain sensitive information. As CPR responsibly disclosed the findings of the investigation to Atlassian, the latter developed a correction to avoid any possible exploitation of these vulnerabilities.
The remote workforce and telecommuting technologies have exacerbated the trend of supply chain attacks, yet it is imperative to ensure that these technologies have the best defense against exportof malicious data.
Securing the hybrid workspace: One of the major challenges facing organizations in a hybrid work environment is the intensity and number of cyber attacks.
Cybercriminals are acutely aware of the timeframe that industries can take to detect and recover from a potential attack. Realistically it can take days, weeks, even months to patch vulnerabilities points, if organizations do not have the appropriate security policies and infrastructure in place.
The bottom line is that the hybrid workplace is now a very big part of our daily lives and IT professionals and employees need to step up to ensure that every end point is secure.
Konstantina Koukou Cyber Security Specialist at Check Point Software Technologies stated about it
"In short, during 2021, we learned that hackers and cybercriminals are always seeking to exploit organizations, businesses and individuals, and that no business or individual is immune or excluded from an attack. To stay one step ahead of the consequences of a security incident, organizations must adopt a precautionary approach to risk management and the implementation of security solutions. "An unprotected application or a vulnerable endpoint could be the starting point for a large-scale cyber attack."
