The cyber-attacks associated with developments related to pandemic worldwide continued to affect organisms in 2021. Cybercriminals have redoubled their attacks, taking advantage of countries facing new mutations of COVID-19 or changing management of their borders, with the main vehicle being sellers of fake vaccine certificates on the dark web.
Check Point Research recently reported that cyber-attacks on organizations worldwide increased by 40% in 2021, compared to the previous year, with 1 in 61 organizations being affected by ransomware each week over the same period.
As organizations strive to recover from the pandemic, it is important to pay attention to cyber security when planning for next year.
Let's take a look at some of the key cyber incidents and lessons learned from 2021 that will help organizations better insure and protect their businesses, assets and people from potential threats:
Global Rise in COVID-19 Fake Vaccination Documents: Global demand for fake vaccination certificates has skyrocketed in recent weeks.
CPR revealed that the number of sellers increased 10 times from August to September this year. As more and more countries have implemented vaccination certificate demonstration policies coming out of lockdown, the demand for fake certificates is increasing. Cybercriminals are taking advantage of these pandemic-related developments for personal gain, as evidenced by reports of counterfeit vaccine certificates previously sold for $ 80-100 / 110 AUD on the dark web and now on the web.
Attacks on vital infrastructure: Around the world, cybercrime organizations have increased attacks on key services and government agencies, such as transportation, education, etc.
An example of the scale and danger of these incidents is the cyber-attacks on Iran's railway system earlier this year, which resulted in disruptions and led passengers to call the office number of the Supreme Leader of Iran Khamenei.
The incident served as a major appeal to governments around the world to precautionarily increase the security of critical state infrastructure, as the process of recovering from a cyber-attack of this magnitude is complex and time consuming.
Depending on Australia, we saw the news being held hostage as a major publisher was hit hard by a cyber attack that caused its broadcasts to be suspended. In the public sector, the attackers carried out a cyber attack on the Ministry of Education at the beginning of the new school year, the first in lockdown mode, creating a severe problem for staff, parents and students.
We live in an age where vital infrastructure can easily be hit in any corner of the world. What is most worrying is that most of the time, these incidents can most likely be prevented.
We urge you to make sure you have an effective cyber security recovery plan in place, make sure your systems are up to date, and that you use software from reputable third-party security manufacturers for protection against threats.
Triple-extortion ransomware Attacks: At 6 months report of Check Point Software for 2021, we introduced a new type of threat – Triple Extortion attacks, an evolution of the already rising ransomware threat.
For example, the REvil ransomware, one of the most prominent families responsible for dozens of major breaches since 2019 and, most recently, the Kaseya and JBS cyberattacks on July 4 earlier this summer.
Supply chain attacks
Incidents of the software supply chain sparked the interest of researchers after the SolarWinds attack. The Check Point Research team identified security vulnerabilities in Atlassian, a software platform based in Australia with more than 180.000 customers worldwide.
With a single click, an attacker could have used the flaws to gain access to the Atlassian Jira error system and obtain sensitive information. As CPR responsibly disclosed the findings of the investigation to Atlassian, the latter developed a correction to avoid any possible exploitation of these vulnerabilities.
The remote workforce and telecommuting technologies have exacerbated the trend of supply chain attacks, yet it is imperative to ensure that these technologies have the best defense against exportof malicious data.
Securing the hybrid workspace: One of the major challenges facing organizations in a hybrid work environment is the intensity and number of cyber attacks.
Cybercriminals are fully aware of the timing that industries may need to detect and recover from a potential attack. It can realistically take days, weeks, or even months to fix vulnerabilities if organizations do not have the proper security policies and infrastructure in place.
The bottom line is that the hybrid workplace is now a very big part of our daily lives and IT professionals and employees need to step up to ensure that every end point is secure.
Konstantina Koukou Cyber Security Specialist at Check Point Software Technologies said about it
"In short, during 2021, we learned that hackers and cybercriminals are always seeking to exploit organizations, businesses and individuals, and that no business or individual is immune or excluded from an attack. To stay one step ahead of the consequences of a security incident, organizations must adopt a precautionary approach to risk management and the implementation of security solutions. "An unprotected application or a vulnerable endpoint could be the starting point for a large-scale cyber attack."
