Check Point Research: Ransomware Attacks Per Organization Hit All-Time Peak in Q2
Ransomware attacks are showing no signs of slowing down.
![ransomware detected ransomware detected](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt9b482edb54714e76/65241cfc1be3f571df2a537e/Ransomware-Detected.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
The regions that see the most ransomware attacks are:
In North America, the weekly average of impacted organizations is one out of 108 – a minor increase of 1% year over year.
In Australia/New Zealand, the weekly average of impacted organizations is one out of 113, an 18% increase.
In Africa, the weekly average of impacted organizations is one out of 21, a 21% increase.
In Europe, the weekly average of impacted organizations is one out of 66, a 1% decrease.
Latin America has seen the largest increase in attacks, with one out of 23 organizations impacted weekly, a 43% increase year over year, followed by Asia, which has seen a 33% increase, reaching one out of 17 organizations impacted weekly.
Check Point‘s Omer Dembinsky said there are a number of reasons why cybercriminals are able to successfully attack organizations. In addition, there are a number of preventive measures organizations should be taking.
“It is a combination of investing in security technology, ongoing software updates and in user education,” he said. “Many successful attacks start either from taking advantage of the human factor (as in phishing) or from exploiting unpatched vulnerabilities.”
Retailers and the wholesale sector saw the largest spike in ransomware attacks, with a surprising increase of 182% compared to the same period last year. The distributor sector saw a 143% increase and the government/military sector reported a staggering increase of 135%, reaching a ratio of one out of 24 organizations impacted by ransomware on a weekly basis.
The education/research sector has become the most attacked industry worldwide, absorbing an average of more than 2,300 attacks per organization every week, which marks a 53% increase compared to the year-ago quarter.
The health care sector saw a 60% increase in cyberattacks compared to the year-ago quarter, reaching 1,342 attacks per organization every week.
Dembinsky said it’s difficult to point to specific reasons why cybercriminals target some sectors over others.
“But for government/military, it can be tied partly to political conflicts,” he said. “As for retailers and wholesale, these are usually large companies that should have the ability to pay the ransom, and in some cases they are also less security-oriented.”
Dembinsky said although the upward trend in ransomware attacks is not surprising, seeing that North America and Australia/New Zealand are showing the largest increase in weekly attacks per organization and closing the gap on other regions is “something that should not be overlooked.”
Check Point offers the following ransomware prevention tips:
Make sure you back up your data regularly, constantly if possible, and throughout the entire organization.
It’s worth putting together a response strategy. In other words, what are you going to do if your organization is the target of a ransomware attack?
One common method for ransomware attackers is to trick employees into either providing their login credentials via a phishing link, or downloading a file that contains malware. You can protect against both of these potential threats by implementing more content scanning and filtering.
Make sure to keep your systems up to date with the latest software patches.
Ransomware attacks are often the result of poor employee training and/or bad employee habits. Make sure your employees are familiar with standard best practices in the cybersecurity world, like choosing strong passwords, never giving out their passwords to others, and avoiding links and content that appear suspicious or unfamiliar.
Dembinsky said the escalation in ransomware attacks is likely to continue during the third quarter.
“When looking year-over-year, we would still expect to see an increase, although it might be smaller than what we have seen in the past few quarters,” he said.
Mega cyberattacks like SolarWinds and Log4J were not inevitable, Check Point said. With the correct measures and technologies in place, many organizations could have avoided the impact and devastating effect of such attacks.
Dembinsky said the escalation in ransomware attacks is likely to continue during the third quarter.
“When looking year-over-year, we would still expect to see an increase, although it might be smaller than what we have seen in the past few quarters,” he said.
Mega cyberattacks like SolarWinds and Log4J were not inevitable, Check Point said. With the correct measures and technologies in place, many organizations could have avoided the impact and devastating effect of such attacks.
The latest Check Point Research data shows ransomware attacks impacted one out of 40 organizations each week globally during the second quarter of 2022.
That’s a 59% year-over-year increase in ransomware attacks. Average weekly attacks per organization globally reached a peak of 1,200 attacks, a 32% increase year-over-year. That represents an all-time peak.
No Signs of Slowing Down
Omer Dembinsky is data group manager at Check Point Software Technologies.
Check Point’s Omer Dembinsky
“Ransomware attacks are showing no signs of slowing down,” he said. “Hackers are leveraging the increase in attack surface from remote work and learning. And the war between Ukraine and Russia also helps drive the proliferating trend, as geopolitical tensions rising inspires hackers to take sides. Lastly, the willingness of organizations to meet ransomware demands in order to protect patients has proved the business of ransomware to be highly lucrative. Hence, we see that hackers are continuing to invest resources in going after health care organizations. We strongly recommend organizations everywhere to take note of our ransomware prevention tips, such as backing up data, keeping systems up to date and training employees on awareness.”
Check Point Research also shared general cyberattack trends. The top three most targeted industries for ransomware are government/military, education/research and health care. And Africa saw the highest volume of attacks peaking at 1,700 attacks on average per organization.
May marked the fifth anniversary of the infamous WannaCry attack, and it seems ransomware has completely changed the threat landscape. It has evolved to be a weapon in the hands of attack groups threatening governments. Check Point Research recently coined the term “country extortion.” It did so after observing how ransomware expanded its business borders to now include the government sector.
Scroll through our slideshow above for more from Check Point Research on second-quarter ransomware activity.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like