301.519.9237 exdirector@nesaus.org

1.18.22 – CEPro

Research from Check Point finds cyberattacks increased by 50% in 2021, with third-party tech service providers among those most targeted.

Zachary Comeau  • January 18, 2022

Cybersecurity firm Check Point says cyberattacks increased by 50% in 2021, with third-party tech service providers among the most frequently attacked.

The 2021 data comes just a few months after the company reported in October a 40% increase in cyberattacks globally. However, the fourth quarter of 2021 was a particularly busy one for IT professionals, largely due to the Log4j vulnerabilities.

According to Check Point, there were 925 cyberattacks per week per organization globally in the fourth quarter.

This uptick, the firm says, began in the second quarter of 2020. It has continued to wreak havoc on IT and security teams everywhere. That aligns with the start of the COVID-19 pandemic and shift to remote work, which has eliminated the idea of the traditional IT perimeter and exposed organizations to increased risk.

The education and research sector was the hardest hit in 2021, with a reported 1,605 weekly attacks per organization, which is a 75% increase from 2020, Check Point reports.

Government and military organizations were the next most targeted in 2021 with 1,136 weekly attacks per organization, a 47% increase over 2020. That was followed by the communications industry, which saw a weekly average of 1,079 cyberattacks per organization, a 51% increase over 2020.

Also alarming is the continued cyberattacks against ISPs, MPSs and other third-party tech services providers. According to Check Point, ISPs and MSPs saw a weekly average of 1,068 cyberattacks in 2021, a 67% increase over the previous year. Meanwhile, other service providers like system integrators, value-added resellers and distributors saw an 18% increase in weekly cyberattacks, but saw far fewer, at 778.R

That data reflects the growing trend of threat actors seeking to compromise one organization that has access to the networks of enterprise customers, rather than targeting one organization individually.

Reporting the largest uptick in weekly cyberattacks were software vendors, which saw a weekly average of 536 attacks per organization, a 146% increase over 2020.

That reflects the need for supply chain security following several intrusions into the build environments of several trusted IT vendors, such as SolarWinds and Kaseya.

Surprisingly, the most targeted regions for attacks were Africa, APAC, Latin America, Europe and North America, in that order. However, North America and Europe both reported increases of at least 61% over 2020.

The company recommends maintaining good cybersecurity hygiene, including:

  • Applying security patches in a timely manner
  • Segmenting networks
  • Educating employees on how to recognize threats
  • Leveraging IT security tools and software

This article originally appeared on our sister publication Commercial Integrator‘s website.