Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its 2023 Security Report reflecting on a chaotic year in cybersecurity. The report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war. Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year
According to the report, cyberattacks have risen by 38% in 2022 compared to the previous year, with an average of 1,168 weekly attacks per organization being recorded. The report also highlights the role played by smaller and more agile hackers and ransomware groups in exploiting legitimate collaboration tools used in the hybrid workplace. From the rise of new ransomware variants to the spread of hacktivism in conflict areas in Eastern Europe and the Middle East, the 2023 Security Report uncovers the trends and behaviors that defined the year.
Key findings from the 2023 Security Report include:
- Hacktivism – The boundaries between state-sponsored cyber operations and hacktivism have become increasingly blurred, as nation-states act with anonymity and impunity. Non-state affiliated hacktivist groups have become more organized and effective than ever before.
- Ransomware Extortion – ransomware operations are becoming more challenging to attribute and track, and existing protection mechanisms that are based on detecting encryption activity may become less effective. The focus will instead be on data wiping and exfiltration detection.
- Cloud: Third Party Threat – The number of attacks on cloud-based networks per organization has skyrocketed, with a 48% rise in 2022 compared to 2021. The shift in threat actors´ preference to scan the IP range of cloud providers highlights their interest in gaining easy access to sensitive information and critical services.
The report also offers insights specifically for CISOs, aimed at drawing attention to critical security actions for the coming year. These insights include reducing complexity to bridge the cyber-skills gap, limiting the cost of cloud misconfigurations, and increasing the use of automation and AI to detect network risks that may go unnoticed by the human eye.
“The increase in the volume of cyberattacks in the next twelve months is a cause for concern,” says Maya Horowitz, VP Research at Check Point Software. “The migration to the cloud has expanded the attack surface for cybercriminals, and the legitimate tools used by organizations will continue to be manipulated. The widening cyber-skills gap and the growing complexity of distributed networks make it a perfect storm for cybercriminals.”
Ms. Horowitz adds, “To mitigate the risk of cybercrime, CISOs can begin by reading our 2023 Security Report and ensuring continued cybersecurity education for employees. Raising awareness of current threats and emerging tactics used by threat actors can help safeguard organizations from malicious threats in the future.”
The Security Report´s findings are based on data drawn from the Check Point ThreatCloud Cyber-Threat Map, which looks at the key tactics’ cybercriminals are using to carry out their attacks.
A full copy of the report is available here on the interactive site.
Follow Check Point Research via:
About Check Point Research
Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.