There was a global increase in cyberattacks in Q3, 2022, with attacks rising by 28% compared to the corresponding period last year. Attacks are now occurring at a rate of 1,130 per week, on average, according to Check Point Research.
Education was the most extensively targeted sector in Q3, experiencing an 18% rise in attacks, followed by government/military which saw a 20% increase. Healthcare was the third most targeted sector with an average of 1,426 attacks per month, but saw the second highest percentage increase in attacks, increasing by 60% from 2021. Healthcare also experienced the highest number of ransomware attacks out of any sector in Q3, with 1 in 42 healthcare organizations experiencing an attack – a 5% increase from Q3, 2021. This was despite an 8% global fall in ransomware attacks in Q3.
While the number of attacks has increased compared to last year, it appears that the attacks are starting to plateau, as the percentage increase is nowhere near as sharp as in 2021. Check Point suggests that this could be due to the increased investment in cybersecurity by enterprises, and the increased focus of governments on pursuing hackers and ransomware gangs and bringing them to justice.
“Hackers and attack groups have gained momentum and confidence, luring and attacking what seems to be endless targets around the globe,” wrote the researchers. In Q3, several major attacks were reported, including a cyberattack on the second largest school district in the United States – LA Unified School District. Australia has also seen more than its fair share of attacks, having experienced one of the largest data breaches in the country’s history – The attack on the telecoms company Optus, which was closely followed by a ransomware attack on Medibank – the largest health insurer in the country. The ANZ (Australia and New Zealand) region saw the highest percentage increase in cyberattacks in Q3, with a 72% increase, followed by North America, which saw a 47% increase in cyberattacks to an average of 849 attacks on organizations per week.
The increase in attacks shows how important it is to invest in cybersecurity and continuously assess and improve defenses. Check Point recommends focusing on prevention and ensuring that cybersecurity best practices are followed, rather than concentrating on threat detection once networks have been breached.
Many of these cyberattacks targeted employees, with phishing one of the most common ways that threat actors gain initial access to networks and spread ransomware and malware. It is important to ensure that employees receive adequate training, which should be provided frequently to reinforce cybersecurity best practices and train employees how to recognize and avoid threats such as phishing. Modern email filtering solutions should also be deployed that are capable of behavioral analysis of attachments to identify zero-day malware threats, through sandboxing technology. Healthcare organizations should also consider signing up for real-time threat intelligence, which can help to actively guard against zero-day phishing campaigns, as well as employ URL filtering to block access to known malicious websites.
Vulnerabilities are commonly exploited and it can be difficult for security teams to keep on top of patching and software updates. Prioritizing patching is vital to ensure that the most serious vulnerabilities are addressed first. CISA has recently published a methodology that can be adopted for improving patch management efficiency. In healthcare especially, anti-ransomware technology should be deployed that can rapidly detect signs of ransomware and uncover running mutations of known and unknown malware families by using behavioral analysis and generic rules.