Cyber-attacks are on the rise globally, with a 30% increase in weekly attacks on corporate networks in Q2 2024 compared to Q2 2023. Organizations faced an average of 1,636 attacks per week worldwide, while in the UAE, the average was 1,546 weekly attacks per organization in Q2 2024, representing an 18% year-over-year increase. This relentless surge highlights the growing sophistication and persistence of threat actors, driven by multiple converging cyber threat trends.
For instance, the education and research industry has consistently been a prime target for cyber criminals due to its wealth of sensitive information and often inadequate cyber security measures made further complex by multiple groups of online users within and outside of the network expanding the attack vector surface. In fact, the education/research sector was the number one most attacked industry globally, seeing a 53% increase in Q2 2024 compared to Q2 2023, with an average of 3,341 attacks per organization every week.
Government/Military was the second most attacked sector with 2,084 attacks per week, reflecting the high stakes involved in state-level cyber espionage and disruption.
Looking back at cyber attacks for the Healthcare sector in Q2, healthcare organizations saw an average of 1,999 weekly attacks per organization, which was 15% higher than last year. Hackers like to target hospitals because they perceive them as short on cyber security resources with smaller hospitals particularly vulnerable, as they are underfunded and understaffed to handle a sophisticated cyber attack.
Ranking third out of all sectors for the most cyber attacks globally, healthcare is so lucrative to hackers because they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers.
Furthermore, the Hardware Vendor industry experienced largest increase in attacks, with a dramatic rise of 183%. This surge underscores the expanding target range of cyber criminals as they seek to exploit vulnerabilities across various sectors.
Ransomware Attacks per Industry
In Q2 2024, ransomware attacks that involved public extortion were reported showing a 13% year-over-year increase, totaling approximately 1,200 incidents. In terms of industry impact, the Manufacturing sector was the most affected, representing 29% of publicly extorted ransomware attacks’ victims globally, with a significant 56% year-over-year increase. The Healthcare sector followed, accounting for 11% of the attacks and experiencing a 27% increase. The Retail/Wholesale industry saw 9% of the attacks, with a notable 34% decrease from the previous year. Notably, the Communications and Utilities sectors experienced dramatic rises in ransomware incidents, with increases of 177% and 186%, respectively.
Ram Narayanan, Country Manager at Check Point Software Technologies, Middle East, said, “In Q2 2024, the escalation of cyber attacks globally and within the UAE underscores the pressing need for robust cybersecurity measures. As threat actors become more sophisticated, leveraging advanced techniques like AI and machine learning, it is important that organizations evolve their defense strategies accordingly. Cyber threat defenses should be focused on prevention to tackle the dynamic nature of the threats organizations are exposed to. The data from Check Point Research underscores the critical sectors needing immediate attention and reinforces the necessity of a multi-layered security approach to safeguard organizations across all sectors. We strongly recommend organizations everywhere to take note of our tips and best practices, to better protect themselves against the evolving and relentless cyber threat landscape.”
Tips for Prevention and Mitigation
Organizations must take proactive steps to safeguard their data and systems. Here are some strategies inspired by best practices from Check Point Software:
- Enhance Security Posture: Regularly update and patch systems to close vulnerabilities. Multi-layered security measures, including firewalls and endpoint protection, are essential.
- Employee Training and Awareness: Regular training sessions can educate employees about the latest cyber threats and phishing tactics, fostering a culture of vigilance.
- Advanced Threat Prevention: Utilize technologies such as sandboxing and anti-ransomware tools to detect and block sophisticated attacks.
- Adopt Zero Trust Architecture: Implement strict identity verification for every person and device attempting to access network resources.
- Regular Backups and Incident Response Planning: Ensure regular backups of critical data and develop comprehensive incident response plans to quickly address and mitigate the impact of attacks.
- Network Segmentation: Isolate critical systems to limit the spread of attacks and protect sensitive information.
- Vulnerability Management: Conduct regular vulnerability assessments and penetration testing, prioritizing remediation efforts based on potential impact.
The dramatic rise in cyber-attacks globally, particularly ransomware incidents, signals an urgent need for robust cyber security frameworks. Organizations must prioritize cyber security, adopting customized strategies to effectively combat the evolving threat landscape. By implementing advanced security measures, fostering a culture of awareness, and preparing for potential incidents, businesses can better defend against the relentless tide of cyber threats. The time to act is now, before the next wave of attacks strikes.