Attacks on cloud-based networks ‘skyrocket’ in 2022
- Published: Friday, 10 February 2023 10:23
Check Point Research (CPR) has published its 2023 Security Report reflecting on ‘a tumultuous 2022, which saw cyber attacks reach an all-time high in response to the Russo-Ukrainian war’.
According to the report, cyber attacks rose by 38 percent in 2022 compared to the previous year, with an average of 1,168 weekly attacks per organization being recorded. The report also highlights the role played by smaller and more agile hackers and ransomware groups in exploiting legitimate collaboration tools used in the hybrid workplace. From the rise of new ransomware variants to the spread of hacktivism in conflict areas in Eastern Europe and the Middle East, the 2023 Security Report uncovers the trends that defined 2022.
Key findings from the 2023 Security Report include:
- Cloud: third party threat – the number of attacks on cloud-based networks per organization has skyrocketed, with a 48 percent rise in 2022 compared to 2021. The shift in threat actors´ preference to scan the IP range of cloud providers highlights their interest in gaining easy access to sensitive information and critical services.
- Hacktivism - the boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred, as nation-states act with anonymity and impunity. Non-state affiliated hacktivist groups have become more organized and effective than ever before.
- Ransomware Extortion - ransomware operations are becoming more challenging to attribute and track, and existing protection mechanisms that are based on detecting encryption activity may become less effective. The focus will instead be on data wiping and exfiltration detection.
The report also offers insights specifically for CISOs, aimed at drawing attention to critical security actions for the coming year. These insights include reducing complexity to bridge the cyber-skills gap, limiting the cost of cloud misconfigurations, and increasing the use of automation and AI to detect network risks that may go unnoticed by the human eye.
“There is no doubt we will see an increase in the volume of attacks over the next twelve months. Cloud migration has created a wider attack surface for cybercriminals, and the legitimate tools we all use will be further manipulated by cybercriminals. This has already been demonstrated in the case of ChatGPT, with Russian cybercriminals trying to bypass OpenAI’s API restrictions and gain access to the chatbot for malicious reasons” said Maya Horowitz, VP Research at Check Point Software. “Add to this the widening cyber skills-gap and the increasing complexity of distributed networks, and we have the perfect storm for cybercriminals.”