Global cyberattacks increased by 38% in 2022, compared to 2021. These cyberattack numbers were driven by smaller, more agile hacker and ransomware gangs, who focused on exploiting collaboration tools used in work-from-home environments, targeting of education institutions that shifted to e-learning post COVID-19. This increase in global cyberattacks also stems from hacker interest in healthcare organizations, which saw the largest increase in cyberattacks in 2022, when compared to all other industries. CPR warns that the maturity of AI technology, such as CHATGPT, can accelerate the number of cyberattacks in 2023.
Check Point Research (CPR) has released new data on last year’s cyberattack trends. The data is segmented by global volume, industries, continents and countries.
Global volume of cyberattacks reached an all-time high in Q4 with an average of 1168 weekly attacks per organization
Top 3 most attacked industries in 2022 were Education/Research, Government and Healthcare
Geography of Africa experienced the highest volume of attacks with 1875 weekly attacks per organization, followed by APAC with 1691 weekly attacks per organization.
North America (+52%), Latin America (+29%) and Europe (+26%) showed largest increases in cyberattacks in 2022, compared to 2021.USA saw a 57% increase in overall cyberattacks in 2022, UK saw a 77% increase and Singapore saw a 26% increase.
India has had 13.70% cyberattacks in the government sector in 2022. This is nearly a 7% increase from2021.
In 2022, attacks on the Indian government intensified to the point where it became the country that was most frequently targeted in this sector. This expansion is the result of the hacktivist group Dragon Force Malaysia’s #OpIndia and #OpsPatuk campaigns. Numerous hacktivist groups joined and supported these campaigns, which laid the path for subsequent ones.
Government agencies in India have become popular targets of extensive phishing campaigns.
Cyberattacks are increasing world-wide, with 38% more cyberattacks per week on corporate networks in 2022, compared to 2021. Several cyber threat trends are all happening at once.
For one, the ransomware ecosystem is continuing to evolve and grow with smaller, more agile criminal groups that form to evade law enforcement. Second, hackers are widening their aim to target business collaboration tools such as Slack, Teams, OneDrive and Google Drive with phishing exploits. These make for a rich source of sensitive data given that most organizations’ employees continue to work remotely.
Third, academic institutions have become a popular feeding ground for cybercriminals following the rapid digitization they undertook in response to the COVID-19 pandemic. In fact, the education/research sector was the number one most attacked industry globally, seeing a 43% increase in 2022 compared to 2021, with an average of 2,314 attacks per organisation every week. Many education institutions have been ill-prepared for the unexpected shift to online learning, creating ample opportunity for hackers to infiltrate networks through any means necessary. Schools and universities also have the unique challenge of dealing with children or young adults, many of which use their own devices, work from shared locations, and often connect to public WiFi without thinking of the security implications.
List of 7 Recent Cyber Attacks In India Between 2021 – 2022
- Razorpay – Lost ₹7.3 Crores
Online payment gateway Razorpay said hackers stole ₹7.3 crore worth of funds in 831 transactions over a period of 3 months. According to media reports, “an unauthorized actor(s) with malicious intent” manipulated the authorization process of the gateway to authenticate these transactions.
- Amazon, Flipkart, Airtel & JioMart – 10 Crore Data Sold
As per media reports, due to the cyberattack on Juspay in 2021, data of over 100 million client customers including those of Amazon, Flipkart, Airtel, and Jiomart was leaked and sold on the dark web for bitcoins worth $6,000.
- Oil India Ltd. – Ransom of ₹58 Crore
Between October 2021 and April 2022, the government-owned oil & gas extraction company Oil India Ltd. reported cases of cyberattacks. It also found a ransom note on one of the infected computers, demanding $7,500,000 (approximately ₹58 crore).
- Tech Mahindra – Loss of ₹35 Crore In Smart City
In March 2021, Indian IT company Tech Mahindra which manages the Smart city project for Pimpri Chinchwad municipal corporation filed a criminal report about a ransomware attack that resulted in a loss of an estimated 35 crore.
5. Mobikwik – 10 Crore Users Data on Sale
Reportedly the data of nearly 10 crore users for mobile wallet & payments app MobiKwik was on sale on a hacker forum on the dark web in early 2021. The data is said to have included KYC details for many of the users, and information such as Aadhaar card, signatures, etc.
- Air India – 45 Lac Passengers Data Hacked
A sophisticated hacking attack on Air India’s passenger service system provider SITA resulted in the theft of personal data of around 4.5 million passengers in February 2021. Frequent flyer data and credit card data were affected due to the breach.
- Domino’s – 18 Crore Orders Gone Public
In May 2021, data related to 18 crore orders of Domino’s was made public on the internet. Anyone could see who & how many customers ordered their pizza, on the internet.
This data is upto June 2022.
Looking back at cyberattacks for the healthcare sector in 2022, healthcare organizations in the US suffered an average of 1410 weekly cyberattacks per organization, which is 86% higher than the number we saw in 2021, with the healthcare sector ranking second out of all sectors for the most cyberattacks in the US.
Hackers like to target hospitals because they perceive them as short on cyber security resources with smaller hospitals particularly vulnerable, as they are underfunded and understaffed to handle a sophisticated cyberattack.
The healthcare sector is so lucrative to hackers as they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers with direct threats from ransomware gangs to patients, demanding payment under threats of having patient records released. Ransomware gangs also find the attention gained from attacking a hospital as an attractive plus-point for their notoriety.
Unfortunately, we expect the increase in cyberattack activity to only increase. With AI technologies such as ChatGPT readily available to the public, it is possible for hackers to generate malicious code and emails at a faster, more automated pace.
Source: The Economic Times, CyberRES, News18, CloudSEK, Twitter