Cyberattacks Against MSPs Jump 67%, Check Point Research Finds
Cyberattacks spiked by 50 percent in 2021 as compared to 2020, aided by millions of attacks in December by hackers attempting to exploit the Log4J vulnerability, according to a Check Point Software Technologies research report.
In terming 2021 a “record breaking year,” the security provider pointed to a worldwide peak of 925 cyber attacks per organization weekly and an October 2021 measure that showed a 40 percent increase in cyberattacks, with one out of every 61 entities hit by ransomware each week. The number of cyberattacks on managed service providers (MSPs) and internet service providers (ISPs) rose by nearly 70 percent year over year.
In 2021, the education and research sector experienced the highest volume of attacks at an average of 1,605 a week per organization, for a 75 percent increase over 2020. Among the other highest sectors were:
- Government/military at 1,136 attacks per week (47% increase).
- Communications at 1,079 attacks per week (51% increase).
- ISPs/MSPs at 1,068 attacks per week (67% increase).
- Healthcare at 830 attacks per week (71% increase).
Among the geographic regions most frequently attacked in 2021 were:
- Africa: average of 1,582 weekly attacks per organization (13% increase).
- Asia Pacific: average of 1,353 weekly attacks per organization (25% increase).
- Latin America: average of 1,118 weekly attacks per organization (38% increase).
- Europe: average of 670 weekly attacks per organization (68% increase).
- North America: average of 503 weekly attacks per organization (61% increase).
Check Point offered some pointers on how organizations can prevent the next cyber pandemic:
- Prevent attacks before they happen. One of the biggest challenges facing security practitioners is Gen V attacks – the combination of a wide breadth of threats, large scale attacks and a broad attack surface. Prevention requires a unified and cohesive protection infrastructure.
- Everything is a potential target. To achieve effective coverage, organizations should seek a single solution that can cover all attack surfaces and vectors.
- Maintain security hygiene. Organizations should strive to make sure up-to-date security patches are maintained across all systems and software.
- Segment networks: Networks should be segmented, applying strong firewall and IPS safeguards between the network segments in order to contain infections from propagating across the entire network.
- Educate employees. User education has always been a key element in avoiding malware infections. Ensure users to immediately report unusual items to security teams.
- Implementing the most advanced security technologies. There is no silver-bullet to protect organizations from all threats and all threat vectors. However, there are “many great technologies and ideas available,” chief among them machine learning, sandboxing, anomaly detection and content disarmament, Check Point said. “Each of these technologies can be highly effective in specific scenarios, covering specific file types or attack vectors.”