Less than a month after the world witnessed one of the most serious vulnerabilities on the internet, with millions of attacks per hour attempting to exploit the Log4j vulnerability, 2021 has been a record-breaking year in terms of cyber-security. Back in October, Check Point Research (CPR) reported a 40% increase in cyber-attacks globally, with 1 out of every 61 organisations worldwide impacted by ransomware each week.
From mid-2020 throughout 2021, there has been an upward trend in the number of cyber-attacks. This trend reached an all-time high at the end of the year, peaking at 925 cyber-attacks a week per organisation, globally. Overall, in 2021, researchers have seen 50% more attacks per week on corporate networks compared to 2020.
In 2021, education/research was the sector that experienced the highest volume of attacks, with an average of 1,605 attacks per organisation every week globally. This was a 75% increase from 2020. This was followed by the government/military sector, which had 1,136 attacks per week (47% increase), and the communications industry which had 1,079 attacks weekly per organisation (51% increase).
In Southeast Asia, it’s interesting to note that Manufacturing is the one sector that appears in the top 3 for most of the region.
Singapore’s hardest-hit industry by volume is Healthcare, with an average of 1,998 attacks per organisation, a 111% increase from 2020. That is followed by Manufacturing (1,544 average hits, +415%) and the Transportation sector (622, +13%).
In Thailand, Government/Military takes first place by volume with an average of 3,127 attacks per organisation weekly, a 44% decrease compared to 2020. That is followed by Retail/Wholesale (1,587, +113%) and Manufacturing (1,565, +67%).
In the Philippines, the top 3 industries with the highest volume of attacks are Manufacturing (2,752, +16%), Government/Military (2,490, -26%), and Finance/Banking (1,028, +18%). Similarly, in Indonesia, the top 3 sectors are Government/Military (8,491, +38%), Manufacturing (2,846, +24%), and Finance/Banking (2,197, -32%).
Africa experienced the highest volume of attacks in 2021, with an average of 1,582 weekly attacks per organisation. This represents a 13% increase from 2020. This was followed by APAC, which has an average of 1,353 weekly attacks per organisation (25% increase); Latin America, with 1,118 attacks weekly (38% increase); Europe, with 670 attacks weekly (68% increase); and North America, with an average of 503 weekly attacks per organisation (61% increase).
Looking at the statistics for the Southeast Asia region, the trend is consistent, showing an overall increase across the region, with Singapore taking the lead at a 145% increase in cyber-attacks per week from 2020:
- Singapore: Average of 1,123 organisations being attacked per week in 2021, 145% increase from 2020
- Malaysia: Average of 1,014 organisations being attacked per week in 2021, 3% increase from 2020
- Thailand: Average of 1,783 organisations being attacked per week in 2021, 37% increase from 2020
- Indonesia: Average of 3,167 organisations being attacked per week in 2021, 23% increase from 2020
- Philippines: Average of 1,457 organisations being attacked per week in 2021, 43% increase from 2020
- Vietnam: Average of 1,615 organisations being attacked per week in 2021, no change from 2020
Preventing the next cyber pandemic – A strategy for achieving better security
Prevent attacks before they happen – One of the biggest challenges facing security practitioners is Gen V attacks – the combination of a wide breadth of threats, large scale attacks and a broad attack surface. A security architecture that enables and facilitates a unified and cohesive protection infrastructure is going to provide more comprehensive and faster protection than an infrastructure comprised of pieces that don’t work together. This is the heart of what Check Point Infinity delivers – a security architecture to prevent attacks before they happen.
Secure your everything as everything is a potential target – To achieve effective coverage, organisations should seek a single solution that covers all attack surfaces and vectors and provides broad prevention across them. In a multi-hybrid environment, where the perimeter is now everywhere, security should be able to protect it all. Email, web browsing, servers and storage are merely the basics. Mobile apps, cloud and external storage are essential, as is compliance of connected mobile and endpoint devices, and your growing IoT device estate. Workloads, containers, and serverless applications on multi- and hybrid-cloud environments should always be part of the checklist.
Maintain security hygiene
- Patching: All too often, attacks penetrate networks by leveraging known vulnerabilities that have a patch that has not been applied. Organisations should strive to make sure up-to-date security patches are maintained across all systems and software.
- Segmentation: Networks should be segmented, applying strong firewall and IPS safeguards between the network segments to contain infections and keep them from propagating across the entire network.
- Educate Employees to Recognise Potential Threats: Quite often, user awareness can prevent an attack before it occurs. Take the time to educate your users and ensure that if they see something unusual, they report it to your security teams immediately. User education has always been a key element in avoiding malware infections.
- Implementing the most advanced security technologies: There is not a single silver-bullet technology that can protect organisations from all threats and all threat vectors. However, there are many great technologies and ideas available – machine learning, sandboxing, anomaly detection, content disarmament, and many more. Each of these technologies can be highly effective in specific scenarios, covering specific file types or attack vectors. Two key components to consider are threat extraction (file sanitisation) and threat emulation (advanced sandboxing). Each element provides distinct protection; used together, they offer a comprehensive solution for protection against unknown malware at the network level and directly on endpoint devices.