While the volume of attacks has increased only marginally, we have witnessed several sophisticated campaigns by cybercriminals finding ways to weaponize legitimate tools for malicious gain.
Recent examples include using ChatGPT to create code that can help less sophisticated threat actors effortlessly launch cyberattacks, Trojanizing 3CXDesktop for a supply chain attack, and exploiting the critical unauthorized RCE vulnerability in the “Microsoft Message Queuing” service (commonly known as MSMQ). Check Point's research arm, CPR, also discovered the fastest encryption ransomware ever seen, which shows how attackers continue their crimes without looking back.
Despite the modest increase, it is important not to be complacent. CISOs must focus on developing and implementing a security strategy that eliminates any blind spots and weaknesses across the entire digital landscape. It could be a shadow IT development environment, a remote access or an email carrier that provides an opportunity for a cyber breach. Do they have proper segmentation to avoid lateral movement and minimize a burst attack, and do they have access to an incident response service to minimize disruption and speed recovery? Now, more than any other time in the past, is the right time to consider a unified security approach for end-to-end preventive control, providing the board with assurance that you are fully protected against next-generation attacks.
Total Attacks Worldwide:
During the first quarter of 2023, the global average weekly attacks increased by 7% compared to the corresponding period in 2022, with each organization facing an average of 1.248 attacks per week.
In Greece, the number of weekly cyber attacks was 774, while the annual change in the number of attacks was -5%. Although the reduction is positive news, organizations must remain vigilant and take all necessary security measures to protect their information.
The Attacks Worldwide per Branch:
In Q2023 2.507, the Education/Research sector was hit the hardest with the highest number of attacks, with an average of 15 attacks per organization per week, representing a 1% increase from Q2022 1.725. The Government/Military sector was the second most targeted with an average of 3 attacks per week, an increase of XNUMX% from the previous year.
The Healthcare sector saw a significant increase in attacks with an average of 1.684 attacks per week, marking a significant year-on-year increase of 22%. However, the most significant change came in the Retail/Wholesale sector, which saw the highest annual growth of 49% with an average of 1.079 attacks per week.
Education/research continued to be the most mobile sector, with many institutions still struggling to secure extensive networks and access points during the transition to distance learning.
Total Attacks by Area:
In the first quarter of 2023, Africa recorded the highest number of average weekly cyber attacks per organization, with an average of 1.983 attacks, indicating a marginal decrease of 2% compared to the first quarter of 1. In contrast, APAC showed the most significant annual increase in average weekly attacks per organization, up 2022% to an average of 16 attacks per organization, followed by the North America region, which saw a 1.835% year-over-year increase to 9 average weekly attacks per organization.
|Region||Avg weekly attacks per org||YoY Change|
There is a growing recognition of the risks posed by cyber-attacks, as well as their consequences, as evidenced by the introduction of regulations and policies in various countries. In the United States, cybersecurity regulations have recently been overhauled, and regulators are currently considering proposals aimed at improving incident reporting, information disclosure, oversight, and modernizing outdated laws. The proposed ones amendments, due to be implemented later in 2023, will require companies to update their cybersecurity compliance programs, covering areas such as corporate governance, notification and reporting requirements, and asset management and security.
1 in 31 organizations worldwide have experienced a ransomware attack
At Cyber Security Report 2023, CPR details how performing ransomware operations and tracking threat actors can become even more difficult. Whereas, the focus will be more on data wiping and export detection. Check Point Research pointed out a worrying shift towards sophisticated malware designed to destroy the compromised system and advises organizations to take appropriate action.
Ransomware attacks by region:
During the first quarter of 2023, approximately 1 in 31 organizations worldwide experienced a ransomware attack on a weekly basis. This represents a 1% increase compared to the same period in 2022, when a similar number of organizations fell victim to such attacks. Latin America saw the largest annual increase of 28%, where 1 in 17 organizations experienced a ransomware attack.
During Q1 2023, on a weekly average, 1 in 75 organizations in the United States were affected by ransomware attacks, indicating an 11% increase compared to the same period last year. In Israel, on a weekly average, 1 in 17 organizations were affected by ransomware attacks, a 76% increase compared to the same period last year.
|Africa||1 15 out of|
|Latin America||1 17 out of|
|APAC||1 17 out of|
|Europe||1 43 out of|
|North America||1 75 out of|
Ransomware attacks by industry:
During the first quarter of 2023, the government/military sector was the most targeted by ransomware attacks, with an average of 1 in 20 organizations affected on a weekly basis. This represents a slight decrease of 2% compared to the previous year. The Finance/Banking sector was the second most affected, with approximately 1 in 25 organizations experiencing such attacks, a 32% increase compared to the previous year. The education/research industry was the third most affected sector, with 1 in 26 organizations affected by ransomware, indicating an 8% decrease over the past year.
|Government/Military||1 20 out of|
|Finance/Banking||1 25 out of|
|Education/Research||1 26 out of|
|ISP / MSP||1 27 out of|
|Healthcare Logistics||1 27 out of|
|SI/VAR/Distributor||1 31 out of|
|Utilities||1 32 out of|
|Consultant||1 33 out of|
|Communications||1 33 out of|
|Insurance/Legal||1 40 out of|
|Manufacturing||1 41 out of|
|Retail/Wholesale||1 44 out of|
|Software vendors||1 48 out of|
|Hardware vendor||1 49 out of|
|Transportation||1 50 out of|
|Leisure/Hospitality||1 51 out of|
|Industry||Organizations under attack
|Government / Army||1 on 20|
|Finance/Banking||1 from 25|
|Education / Research||1 from 26|
|ISP / MSP||1 from 27|
|Health care||1 from 27|
|SI/VAR/Distributor||1 from 31|
|Utilities||1 from 32|
|Advisor||1 from 33|
|Communications||1 from 33|
|Insurance/Legal||1 from 40|
|Construction||1 from 41|
|Retail Wholesale||1 from 44|
|Software vendor||1 from 48|
|Hardware supplier||1 from 49|
|Transfer||1 from 50|
|Recreation/Hospitality||1 from 51|
Cyber Security Tips:
- Updated patches: Keeping computers and servers up to date and applying security patches, especially those designated as critical, can help reduce an organization's vulnerability to cyberattacks
- Cyber Awareness Training: Frequent cyber awareness training is vital to protect the organization from cyber attacks. This training should instruct employees to:
- Do not click on malicious links
- Never open unexpected or untrusted attachments
- Avoid revealing personal or sensitive data to phishers
- Verify softw is legit before downloading it
- Never plug an unknown USB into their computer
- Use better threat prevention: Most ransomware attacks can be detected and resolved before it's too late. You need to have automated threat detection and prevention in your organization to maximize your chances of protection.
- Keep your software up to date. Attackers sometimes find an entry point into your applications and software by noting vulnerabilities and exploiting them. Fortunately, some developers are actively looking for new vulnerabilities and fixing them.
Although some countries are showing signs of a slower increase in cyberattacks, companies and governments should not let down those on the lookout. Building a cyber-resilient estate, based on prevention and consolidation, is critical to mitigating the risks associated with cyber threats. We will continue to monitor and investigate the evolving cyber landscape and strongly call for greater cooperation between the private and public sectors to effectively fight cybercrime and protect our digital assets.