Log4j Exploits Cause Bump in Q4 Attack Numbers
Researchers at Check Point, a multinational IT security company, reported their findings in a blog post. They attribute the Q4 numbers to the “millions of attacks per hour attempting to exploit the Log4j vulnerability.” This refers to the zero-day security vulnerabilities in the Apache Software Foundation’s widely used Java logging library, discovered in December last year. It was even described as the most critical vulnerability of the last decade. However, the past year was already on its way to breaking records for cyber attack numbers before the Log4j exploit. Check Point had reported a 40% increase in October 2021. It added that one out of every 61 organizations worldwide was hit by ransomware every week.
Education Sector Faced Highest Attack Volume in 2021
Check Point’s research also provides insights into high target sectors and geographical regions. The education and research sectors faced the highest volume of attacks, 75% more than the 2020 numbers. According to Check Point, the sector experiences an average of 1,605 cyberattacks per organization per week. Next up, the government/military sector experienced 1,136 cyber attacks per week. This marks a 47% increase over the previous year. The communications industry faced 1,079 weekly attacks, which was 51% more than its 2020 numbers.
Africa and APAC Regions Most Targeted Last Year
Furthermore, the research revealed that Africa was the most targeted region last year. The region faced 1,582 weekly attacks on average per organization, which marked a 13% increase over last year. The Asia-Pacific region followed as a close second, with 1,353 attacks per week on average per organization. This was a 25% increase over 2020. The report also provided data about other regions:
Latin America: Faced 1118 weekly attacks, a 38% increase over 2020 Europe: 670 weekly cyber attacks, a 68% increase over the year before North America: 503 attacks on average per week, a 61% increase
Check Point’s Recommendations for Improving Cybersecurity
Check Point pointed out that everything is a potential target, therefore it is crucial to secure everything. Organizations need to find a single solution that can secure any potential attack surface. It is not enough to just secure email, web browsing, servers, and storage. In fact, these are just the basics. “Mobile apps, cloud and external storage are essential, so does compliance of connected mobile and endpoint devices, and your growing IoT device estate,” Check Point said. “Workloads, containers, and serverless applications on multi- and hybrid-cloud environments should be part of the checklist at all times.” If you liked this article, we recommend you take a look at our beginner’s cybersecurity guide for small businesses.