Cyber attacks have increased by three percent worldwide. The healthcare sector is particularly affected by this, according to the latest statistics for 2023. Check Point Research (CPR) has published its new statistics on cyber attacks for the period Q1 to Q3 2023-
The education and research sector recorded the most attacks, with an average of 2160 attacks per organization per week, a decrease of 5 percent compared to the same period in 2022. The government and military sector was the second most attacked with an average of 1696 attacks per week (+0,4 percent), while healthcare is close behind with an average of 1613 attacks per week (+11 percent).
Over 960 attacks on European organizations per week
In a regional comparison, Africa recorded the highest number of weekly attacks per company in 2023 with an average of 1987 attacks (+6 percent). In the APAC region, the average number of weekly attacks per company increased by 15 percent to an average of 1963 attacks. In Europe, the number fell slightly (-966 percent) to 1 organizations. Notably, among European countries, Denmark experienced a drastic increase of 575 percent with 66 attacks. In the DACH region, however, the numbers are declining in line with the European trend, as previously indicated with Germany.
Ransomware primarily targets the government and military sectors
The security researchers at CPR also present current figures for ransomware attacks: In 2023, one in 34 organizations worldwide has been affected by an attempted ransomware attack every week (+4 percent) - ahead of all organizations in Africa and Latin America: on average One in 19 organizations there experienced an attack every week. North America recorded the highest increase of 25 percent compared to the previous year.
So far this year, most ransomware attacks have hit the government and military sector: one in 24 organizations was affected (-11 percent), closely followed by the healthcare sector with one in 25 organizations (+3 percent). With a similar increase compared to the previous year, the education and research sector followed in third place with one out of 3 organizations. Many of the most attacked industries include critical infrastructure (KRITIS) and services, including the utilities sector, which ranks 27th and has seen a dramatic 6 percent increase in ransomware attacks over the last year.
There are various reasons for the increasing trend of ransomware attacks for some time:
Lucrative business model: The ability to extort money from individuals, companies or even governments makes ransomware a profitable business for the perpetrators.
Sophisticated techniques:Hackers bypass traditional security measures by using advanced tactics such as exploiting zero-day vulnerabilities and social engineering.
Ransomware as a Service (RaaS): The emergence of ransomware-as-a-service platforms makes it easy for inexperienced individuals to carry out ransomware attacks. This model provides malicious tools and infrastructure for rent, lowering the barrier to entry for would-be cybercriminals.
Weak IT security is exploited: Many companies, especially smaller ones, have inadequate protective measures. Weak passwords, outdated operating systems and inadequate employee training provide opportunities for attackers to gain access.
Critical infrastructures in sight: Hackers are increasingly targeting critical infrastructure. They speculate on increased willingness to pay in these sectors to avoid disruptions that could have serious consequences.
Inadequate regulation: In some regions, IT security regulations and laws are not robust enough to effectively deter attackers. This lack of consequences emboldens them.
Anonymity of cryptocurrencies: Using cryptocurrencies, such as Bitcoin, for ransom payments provides a level of anonymity that traditional banking systems do not offer. This facilitates the financial transactions required for ransomware operations without easy traceability.
To protect themselves from ransomware attacks, organizations should heed the following tips:
Employee training: Phishing emails are one of the most popular methods for spreading ransomware. Frequent training is therefore crucial, with your own employees being the first line of defense. These trainings explain the classic characters and language used in phishing emails.
Current patches: Keeping computers up to date and applying patches (especially critical ones) reduces a company's vulnerability to ransomware attacks. They are often overlooked or take a long time to arrive.
Better Threat Defense: Most ransomware attacks can be detected and prevented before it is too late. To maximize their chances of protection, organizations must establish automated threat detection and response. This includes scanning and monitoring emails and suspicious file activity.
AI as an ally in the fight against IT threats: AI-driven products complement human expertise and strengthen defenses, providing robust protection against a wide range of attacks.
Anti-ransomware solutions: These monitor programs for behavior that suggests ransomware. If these are detected, they can take measures to stop the encryption before further damage occurs.
Robust data protection: Ransomware is designed to force victims to pay a ransom so that they can regain access to their encrypted data. However, this is only effective if the target actually loses access to their data. A robust, secure data backup solution is a proven way to mitigate the impact of a ransomware attack. The backups themselves must also be stored safely from ransomware.
Directly to the report on CheckPoint.com
About check point Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.
Matching articles on the topic