The cyber-attacks associated with developments related to pandemic worldwide continued to affect organisms in 2021. Cybercriminals have doubled their attacks, taking advantage of countries facing new COVID-19 mutations or changing their border management, with the main vehicle being sellers of fake vaccine certificates on the dark web.
Check Point Research recently reported that cyber-attacks on organizations worldwide increased by 40% in 2021, compared to the previous year, with 1 in 61 organizations being affected by ransomware each week over the same period.
As organizations strive to recover from the pandemic, it is important to pay attention to cyber security when planning for next year.
Let's take a look at some of the key cyber incidents and lessons from 2021 that will help organizations better secure and protect business, assets data and their people from potential threats:
Global Rise in COVID-19 Fake Vaccination Documents: Global demand for fake vaccination certificates has skyrocketed in recent weeks.
CPR revealed that the number of sellers increased 10 times from August to September this year. As more and more countries have implemented vaccination certificate demonstration policies coming out of lockdown, the demand for fake certificates is increasing. Cybercriminals are taking advantage of these pandemic-related developments for personal gain, as evidenced by reports of counterfeit vaccine certificates previously sold for $ 80-100 / 110 AUD on the dark web and now on the web.
Attacks on vital infrastructure: Around the world, cybercrime organizations have increased attacks on key services and government agencies, such as transportation, education, etc.
An example of the scale and danger of these incidents is the cyber attacks on Iran's railway system earlier this year, which resulted in vacation of the routes and directed passengers to call the telephone number of Iran's Supreme Leader Khamenei's office.
The incident served as an important call to governments worldwide to proactively increase the security of critical government infrastructure, as the procedure recovering from a cyberattack of this scope is complex and can be time-consuming.
Depending on Australia, we saw the news being held hostage as a major publisher was hit hard by a cyber attack that caused its broadcasts to be suspended. In the public sector, the attackers carried out a cyber attack on the Ministry of Education at the beginning of the new school year, the first in lockdown mode, creating a severe problem for staff, parents and students.
We live in an age where vital infrastructure can easily be hit in any corner of the world. What is most worrying is that most of the time, these incidents can most likely be prevented.
We urge you to make sure you have an effective cyber security recovery plan in place, make sure your systems are up to date, and that you use software from reputable third-party security manufacturers for protection against threats.
Triple-extortion ransomware Attacks: At the Check Point Software 6-Month Report for 2021, we introduced a new type of threat - Triple Extortion attacks, a development into the already emerging ransomware threat.
For example, the REvil ransomware, one of the most prominent families responsible for dozens of major breaches since 2019 and, most recently, the Kaseya and JBS cyberattacks on July 4 earlier this summer.
Supply chain attacks
Incidents of the software supply chain sparked the interest of researchers after the SolarWinds attack. The Check Point Research team identified security vulnerabilities in Atlassian, a software platform based in Australia with more than 180.000 customers worldwide.
With a single click, an attacker could have used the flaws to gain access to the Atlassian Jira error system and obtain sensitive information. As CPR responsibly disclosed the findings of the investigation to Atlassian, the latter developed a correction to avoid any possible exploitation of these vulnerabilities.
Remote workforce and teleworking technologies have exacerbated the trend of supply chain attacks, but it is imperative that we ensure that these technologies have the best defense against the export of malicious data.
Securing the hybrid workspace: One of the major challenges facing organizations in a hybrid work environment is the intensity and number of cyber attacks.
Cybercriminals are acutely aware of the timeframe that industries can take to detect and recover from a potential attack. Realistically it can take days, weeks, even months to patch vulnerabilities points, if organizations do not have the appropriate security policies and infrastructure in place.
The bottom line is that the hybrid workplace is now a very big part of our daily lives and IT professionals and employees need to step up to ensure that every end point is secure.
Konstantina Koukou Cybersecurity Specialist at Check Point Software Technologies said about it
"In short, during 2021, we learned that hackers and cybercriminals are always seeking to exploit organizations, businesses and individuals, and that no business or individual is immune or excluded from an attack. To stay one step ahead of the consequences of a security incident, organizations must adopt a precautionary approach to risk management and the implementation of security solutions. "An unprotected application or a vulnerable endpoint could be the starting point for a large-scale cyber attack."
