By George Mack, Content Marketing Manager, Check Point Software.
The year 2021 represented one of the most turbulent and disruptive periods on record, as far as cyber security is concerned. From the SolarWinds attack to the Apache Log4j vulnerability, hackers have become extremely innovative in finding new ways to penetrate corporate networks. New types of ransomware, supply-chain attacks, and banking Trojans dominated headlines all over the world.
As we proceed through 2022, it’s critical that you keep up to date with the latest security trends. Below are 13 alarming statistics that you must know if you want to keep your organization’s data safe and secure.
- Botnets are responsible for 31% of all cyber attacks targeting corporate networks. According to Spamhaus reports, botnets have exploded in popularity, with thousands of new botnet servers appearing each quarter.A network of 30,0000 bots can generate around $26,000 a month, so it comes as no surprise as to why the botnet has become a favorite cyber weapon of threat actors.
- Education and Research was the most targeted sector, with organizations facing an average of 1,605 weekly attacks. The second most targeted sector was Government and Military, facing an average of 1,136 weekly attacks.
- The most malicious file type is still the infamous EXE, making up 52% of all malicious files. In 2nd place is the PDF, comprising 20% of all malicious files, followed by DOCs in 3rd place at 5%.
- Over 84% of all cyber attacks were distributed via e-mail in 2021. This is a drastic rise from 2019, when “only” 64% of all cyber attacks were sent via e-mail. As more people access e-mail using their mobile phones, expect more hackers to take advantage of this attack vector.
- Trickbot is the most prevalent malware family, making up 11% of all corporate network attacks globally. First developed in 2016, Trickbot is a banking Trojan targeting a wide array of international banks via webinjects; this Trojan can also steal from Bitcoin wallets.
- Cyber criminals can penetrate 93% of company networks. A new study from Positive Technologies discovered that in 93% of cases, threat actors can infiltrate an organizations’ network perimeter and gain access to local resources among financial organizations, energy companies, government bodies, IT businesses, and other sectors. On average, hackers can penetrate a company’s internal network in just two days.
- Cyber attacks are up 50% in 2021 in comparison to 2020, peaking in December, largely due to Log4j exploitations. Threat actors targeted Africa, Asia Pacific, and Latin America the most, while Europe experienced the highest % increase in cyber attacks year over year.
- Software supply chain attacks have increased by 650%. In 2021, it seems that organizations were caught largely unprepared, as a survey concluded that 82% of companies designate the third party vendors that make up their software supply chain with highly privileged roles. 76% provide roles that could allow account takeover, and worst of all, over 90% of designated security teams were not aware that such permissions were even granted.
- 43% of cyber attacks are aimed at small businesses, according to Accenture’s Cost of Cybercrime Study. However, only 14% of small businesses are prepared to defend themselves.
- The healthcare industry has seen a 51% increase in breaches and leaks since 2019. Furthermore, 70% of surveyed organizations reported that healthcare ransomware attacks have resulted in longer lengths of stay in hospital and delays in procedures that have resulted in poor outcomes including an increase in patient mortality.
- There will be one ransomware attack every 11 seconds by 2022, according to a previous analysis by CyberSecurity Ventures. This is an increase of about 20% compared to the prediction made in 2019 of 14 attacks per second.
- By 2025, cryptocurrency crime is predicted to surpass $30 billion, up from $17.5 billion in 2021 according to Cybersecurity Ventures. Recently, BBC reported that a token dubbed SQUID stole $3.38 million from crypto investors.
- Non-fungible tokens, or NFTs, are all the rage. The NFT digital marketplace is shaking up the art world and has grown to an estimated $22 billion in 2021. However, a rise in NFT theft is expected over the next several years. In a recent phishing attack, $7 million in NFTs were stolen from OpenSea users.
- In 2021, organizations experienced the highest average cost of a data breach in 17 years at $4.24 million, rising from $3.86 million the previous year.
These statistics portray how critical it is for companies to adapt to the ever-evolving threat landscape.
Whether you’re concerned about botnets, supply-chain attacks, or data breaches, you need to review your security strategies in order to survive and thrive in 2022.
Lastly, to receive cutting-edge cyber security news, best practices and resources in your inbox each week, sign up for the CyberTalk.org newsletter.