The past twelve months represents one of the most turbulent and disruptive periods on record, at least as far as security is concerned. As governments and businesses around the world continued to navigate the uncharted waters of a global pandemic, the so-called “new normal” still felt a long way off. Digital transformation efforts were dramatically accelerated as businesses embraced hybrid and remote working arrangements, but the same questions around security maturity that plagued many businesses in 2020 persisted through 2021. While some of those questions remain up in the air, threat actors have wasted no time whatsoever in turning the situation to their advantage. Cyberattacks are up by an average of 50% since we issued our last annual report, with the education and research sector suffering the biggest blow, averaging 1,605 attacks every single week throughout the year. As predicted, the infamous SolarWinds breach appears to have kickstarted a trend of supply chain attacks that have persisted throughout the year, showing no signs of slowing down.
In this 2022 Security Report, we will reveal the key attack vectors and techniques that our researchers here at Check Point Software have observed over the past year. From a new generation of highly sophisticated supply chain attack methods, right through to the Log4j vulnerability exploit that rendered hundreds of thousands of businesses open to a potential breach.
We’ll start with a month-by-month rundown of the year’s major cyber events, before doing a deep dive into some of the emerging trends that will undoubtedly shape the year to come. We’ll discuss cloud services, developments in the mobile landscape and IoT, cracks in the ransomware ecosystem, the return of Emotet, and, of course, the Log4J zero-day vulnerability that punctuated an already busy year.
Maya Horowits,
VP Research, Check Point