Image: Towfiqu barbhuiya (unsplash)
Check Point Research (CPR), the Threat Intelligence division of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a foremost global provider of digital security solutions, presented its 2023 Mid-Year Security Report. It highlights an alarming 8% increase in worldwide weekly cyberattacks during the second quarter, marking the most significant jump over the past two years. This shows that perpetrators ingeniously integrate cutting-edge AI technologies with traditional tools like USB devices to orchestrate disruptive digital offenses. Moreover, the first half of the year saw a growth in ransomware attacks with emerging ransomware collectives making their debut.
Incidents like the tri-fold extortion targeting the University of Manchester and the emergence of groups such as Anonymous Sudan aiming at western entities, form key highlights of the 2023 Mid-Year Security Report. This offers a glimpse into the patterns and activities characterizing the year to date.
Primary findings from the 2023 Mid-Year Security Report are:
- Ransomware collectives are becoming more sophisticated, exploiting flaws in widespread corporate software, transitioning from data encryption methods to data pilfering techniques.
- The resurgence of USB Devices as major threats is evident, with both state-connected units and digital wrongdoers utilizing USB drives to infiltrate global organizations.
- Hacktivism is on the rise, witnessing politically driven collectives attacking specific entities.
- The misuse of Artificial Intelligence has expanded, using generative AI instruments for crafting deceptive emails, monitoring keystrokes, and producing fundamental ransomware code, indicating a need for stricter regulations.
- In the first half of 2023, a total of 48 ransomware groups compromised over 2,200 entities, with Lockbit3 being the most active, registering a 20% growth in affected entities compared to the first half of 2022. New groups like Royal and Play emerged with the cessation of Hive and Conti Ransomware-as-a-Service (RaaS) factions. Geographically, 45% of affected entities were based in the US, coupled with a surprising growth in entities due to the fresh player “MalasLocker”, which replaces ransom requests with charity contributions. The manufacturing and retail sectors were the most affected, indicating a shift in the digital crime strategy.
In reflecting on these trends, Maya Horowitz, VP Research at Check Point Software mentioned that digital maleficence showed an upward trajectory during the year’s first half. The escalation of global weekly cyberattacks by 8% in the second quarter was the peak in two years. Threats like ransomware and hacktivism have metamorphosed, as malevolent groups adapt their techniques and instruments to compromise organizations globally. Even vintage tech such as USB storage devices, which were dormant, are now recognized as conduits for malware.
The emphasis for organizations is to formulate a digital resilience blueprint, fortifying their defenses via an anticipatory, comprehensive stance to digital security. While digital offenses are unavoidable, they can be substantially mitigated through preemptive actions and optimal security tools.
The 2023 Mid-Year Security Report furnishes an exhaustive overview of the digital threat terrain. Insights are sourced from the Check Point ThreatCloud Cyber-Threat Map, examining the primary strategies adopted by digital offenders. The complete report can be accessed at the following link.