ChannelLife Australia logo
Industry insider news for Australia's technology resellers
Story image

Check Point Research reveals botnets on the rise, software vendors hit hard by cyber attacks

By Catherine Knowles
Wed 26 Jan 2022

Software vendors saw the largest year-on-year growth in 2021 at 146%, according to the 2022 Security Report from Check Point Research (CPR), the threat intelligence arm of the organisation.

The report highlights the education and research sector as the most attacked industry, marking a 75% increase to an average of 1605 weekly attacks, the return of Emotet, cracks in the ransomware ecosystem and vulnerabilities in cloud services.

Concerningly, botnets were the leading attack category worldwide, followed by infostealers and cryptominers, the research shows.

Cyberattacks against the top 16 industries increase by an average of 55% in 2021, and overall organisations experienced 50% more weekly cyber attacks than in 2020.

Education/research sectors saw 1,605 weekly attacks taking the lead (75% increase), government/military saw an average of 1,136 weekly attacks (47% increase), communications saw an average of 1,079 weekly attacks (51% increase), and software vendors experienced the largest year-on-year growth (146%).

Key highlights from the report are as follows.

Supply chain attacks: The infamous SolarWinds attack laid the foundations for a supply chain attack frenzy. 2021 saw numerous sophisticated attacks such as Codecov in April and Kaseya in July, concluding with the Log4j vulnerability that was exposed in December.

The striking impact achieved by this one vulnerability in an open-source library demonstrates the immense inherent risk in software supply chains, the research finds.

Cyber attacks disrupting everyday life: 2021 saw an increase in attacks targeting critical infrastructure which led to huge disruption to individuals’ day-to-day lives, and in some cases even threatened their sense of physical security.

Cloud services under attack: Cloud provider vulnerabilities became much more alarming in 2021 than they were previously.

The vulnerabilities exposed throughout the year have allowed attackers, for varying timeframes, to execute arbitrary code, escalate to root privileges, access mass amounts of private content and even cross between different environments.

Developments in the mobile landscape: Throughout the year, threat actors have increasingly used smishing (SMS phishing) for malware distribution and have invested substantial efforts in hacking social media accounts to obtain access to mobile devices.

The continued digitisation of the banking sector in 2021 led to the introduction of various apps designed to limit face-to-face interactions, and those in turn have led to the distribution of new threats.

Cracks in the ransomware ecosystem: Governments and law enforcement agencies changed their stance on organised ransomware groups in 2021, turning from preemptive and reactive measures to proactive offensive operations against the ransomware operators, their funds and supporting infrastructure.

The major shift happened following the Colonial Pipeline incident in May which made the Biden administration realise they had to step up efforts to combat this threat.

Return of Emotet: One of the most dangerous and infamous botnets in history, is back. Since Emotet’s November return, CPR found the malware’s activity to be at least 50% of the level seen in January 2021, shortly before its initial takedown.

This rising trend continued throughout December with several end-of-year campaigns, and is expected to continue well into 2022, at least until the next takedown attempt.

Check Point Software VP research Maya Horowitz says, “In a year that began with the fallout from one of the most devastating supply chain attacks in history, we’ve seen threat actors grow in confidence and sophistication.

"This culminated in the Log4j vulnerability exploit which, yet again, caught the security community off-guard and brought to the fore the sheer level of risk inherent in software supply chains.

"In the months between, we saw cloud services under attack, threat actors increasing their focus on mobile devices, the Colonial Pipeline held to ransom, and the resurgence of one of the most dangerous botnets in history."

She continues, "But it’s not all doom and gloom. We also saw cracks in the ransomware ecosystem widen in 2021, as governments and law enforcement agencies around the world resolved to take a tougher stance on ransomware groups in particular.

"Instead of relying on reactive and remedial action, some shocking events woke governments up to the fact that they needed to take a more proactive approach to dealing with cyber risk.

"That same philosophy extends to businesses too, who can no longer afford to take a disjointed, siloed, reactionary approach to dealing with threats. They need 360-degree visibility, real-time threat intelligence, and a security infrastructure that can be mobilised in an effective, joined-up manner.”

Check Point Software head of threat intelligence Lotem Finkelstein says, “The recent arrests made in Russia of the REvil ransomware gang is a unique event in the history of cyber as it is the first time that the US Administration has collaborated with the Russian authorities to track down and arrest members of a ransomware group.

"Coming about one year after the Emotet group was taken down there are some key differences and one worrying similarity.

"First, on this occasion, actual arrests of the ringleaders have been made and assets have been seized like high performance cars large amounts of cash and crypto currency.

"However, you cannot arrest code. It only takes one or two members or affiliates of the gang to escape with the key attack tools for REvil to re-merge at a later date, possibly in another country. We can only hope this is not the case.

"The main positive take from this situation is that any ransomware gang that thought Russia was a ‘safe haven’ for them to practice their malicious trade will have to think again.

"This comes on the back of Ukraine closing down similar ransomware gangs in that country. It’s certainly not the end of ransomware, but every measure that governments can take, by sharing intelligence, to restrict such criminal activity is to be welcomed. “

Related stories
Top stories
Story image
Broadband
Telstra enters into new RSP agreement with Opticomm
Telstra has entered into an RSP agreement with Opticomm (A Uniti Group Limited subsidiary) to provide network fibre services to customers.
Story image
Ransomware
Alarming surge in Conti Ransomware Group activity - report
A new report has identified a 7.6 per cent increase in the number of vulnerabilities tied to ransomware in Q1 2022.
Story image
ChildFund
ChildFund launches new campaign to protect children online
ChildFund says WEB Safe & Wise aims to protect children from sexual exploitation and abuse online while also empowering them to become digitally savvy. 
Story image
Data Protection
Barracuda launches new capabilities for API Protection
"Every business needs this type of critical protection against API vulnerabilities and automated bot attacks," Barracuda says.
Story image
Nozomi Networks
Nozomi Networks, Siemens reveal software integration
Nozomi Networks and Siemens have extended their partnership by embedding Nozomi Networks’ software into the Siemens Scalance LPE local processing engine.
Story image
Fintech
Airwallex launches new bank feed integration with NetSuite
Airwallex has launched a new bank feed integration with NetSuite, developed in partnership with NetSuite solution partner, Onlineone.
Story image
Cybersecurity
Noname Security partners with Netpoleon to target API issues
Specialist API security firm Noname Security has appointed Netpoleon as its distributor in Australia and New Zealand.
Story image
Digital Transformation
Pluralsight and Ingram Micro Cloud team up on cloud initiative
Pluralsight has teamed with Ingram Micro Cloud to build upon cloud competence and maturity internally, and externally support partners’ capabilities.
Story image
Cybersecurity
Managed service providers: effective scoping to avoid costly vendor pitfalls
Managed security services are outsourced services focusing on the security and resilience of business networks.
Story image
Remote Working
How zero trust and SD-WANs can support productive remote working
The way people connect with applications and data has changed, users are remotely accessing resources that could be stored anywhere from a corporate data center to the cloud.
Story image
Cybersecurity
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Remote Working
Australia’s remote workers face connectivity and security issues
SOTI's new report finds better video conferencing technology and improved security measures are top concerns for remote workers in Australia.
Story image
Manufacturing
HINDSITE wins Aerospace Xelerated Pitch Challenge with solution to support Boeing
Brisbane-based startup HINDSITE was the winner of the first ever Pitch Challenge organised by Aerospace Xelerated in partnership with Queensland XR Hub. 
Story image
Artificial Intelligence
AI-based email security platform Abnormal Security valued at $4B
"A new breed of cybersecurity solutions that leverage AI is required to change the game and stop the rising threat of sophisticated and targeted email attacks."
Story image
Microsoft
SAS Viya on Microsoft Azure to deliver 204% return - study
The Forrester Total Economic Impact study finds SAS Viya on Microsoft Azure brings a 204% return on investment over three years.
Story image
Alteryx
Decision Inc. Australia enters partnership with Alteryx
Independent data and analytics consultancy Decision Inc. Australia has partnered with automated analytics company Alteryx, expanding its offering to clients.
Story image
Amazon Web Services / AWS
RedShield leverages AWS to scale cybersecurity services
"Working with AWS gives RedShield the ability to mitigate significant application layer DDoS attacks, helping leaders adopt best practices and security architectures."
Story image
Testing
Google and CSIRO use AI to help protect the Great Barrier Reef
Google has partnered with CSIRO in Australia to implement AI solutions that help protect the Great Barrier Reef.
Story image
Wireless
Hands-on review: Technics EAH-A800 Noise Cancelling Wireless Headphones
Designed in Osaka, Japan, these headphones just exude quality. They aren’t heavy, but they feel well built and solid.
Story image
Telstra
Telstra, Google and Accenture launch 5G AR experience for AFL
Telstra, Google and Accenture are developing a new 5G powered augmented reality (AR) experience at Melbourne's Marvel Stadium for the footy season.
Story image
Cybersecurity
Infoblox's State of Security Report spotlights Australian remote work hazards
Attackers exploit weak WiFi, remote endpoints, and the cloud, costing 50% of organisations over $1.3 million in breach damages.
Story image
Sustainability
Legrand unveils Nexpand, a data center cabinet platform
Legrand has unveiled a new data center cabinet platform, Nexpand, to offer the necessary scalability and future-proof architecture for digital transformation.
Story image
Artificial Intelligence
SAS announces new products amid cloud portfolio success
Analytics and AI company SAS is deepening its broad industry portfolio with offerings that support life sciences, energy, and martech.
Story image
Ransomware
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Story image
Ransomware
A third of companies paying ransom don’t recover data - report
Veeam's report finds 76% of businesses who are victims of cyberattacks paid the ransom to recover data, but a third were still unable to get their information back.
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
WolfVision
WolfVision announces new range of visualisers
WolfVision has announced a new range of visualisers to help meet multiple industry demands for remote learning and educational solutions.
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Fortinet
Fortinet's Security Fabric hits new record for integrations
The Fortinet Security Fabric has surpassed 500 technology integrations with more than 300 Fabric-Ready Technology Alliance Partners.
Story image
Wireless
Cradlepoint expands its Cellular Intelligence capabilities
Cradlepoint has announced additional Cellular Intelligence capabilities with its NetCloud service.
Story image
Artificial Intelligence
SAS launches human-focused responsible innovation initiative
SAS has launched a responsible innovation initiative, furthering its commitment to equity and putting people first.
Story image
Digital Transformation
How to modernise legacy apps without compromising security
At a time when digital transformation has become central to business, even the most important applications come with a ‘use-by’ date.
Story image
Mobility
Tyson Beckford partners with Element Case on new AppleWatch band
Celebrity Tyson Beckford has collaborated with STM Brands' Element Case brand to create a rugged new accessory.
Story image
Microsoft
New Relic enters multi-year partnership with Microsoft Azure
New Relic has announced a strategic partnership with Microsoft to help enterprises accelerate cloud migration and multi-cloud initiatives. 
Story image
Artificial Intelligence
SAS unveils AI experience to improve kids' batting abilities
SAS has created The Batting Lab, an interactive experience using AI, computer vision and IoT analytics to help kids improve their baseball and softball swings.
Story image
Data solutions
South Australia state satellite makes significant progress
South Australia’s first state satellite has successfully completed the Critical Design Review (CDR), moving it closer to providing tangible data solutions.
Story image
Application Performance Monitoring / APM
Why SolarWinds Partners will have big wins in 2022
We summarise the key recent changes that the monitoring software vendor has made to accelerate its channel business.
Story image
Cybersecurity
Hard numbers: Why ambiguity in cybersecurity no longer adds up
As cybersecurity costs and risks continue to escalate, CEOs continue to struggle with what their investment in cyber protection buys. Getting rid of ambiguity becomes necessary.
Story image
Phishing
KnowBe4 celebrates reaching 50,000 customers worldwide
KnowBe4 has reached the milestone of 50,000 customers, adding nearly 2,500 in the first quarter of 2022 alone.
Story image
Surveillance
Motorola Solutions acquires Videotec S.p.A for security portfolio
Motorola Solutions has acquired Italian ruggedised video security company Videotec S.p.A, along with its portfolio of highly versatile cameras.
Story image
trust
9/10 Aussies to stop spending if personal data compromised
"Based on the patterns we are seeing among Australian consumers, it is evident that trust in a brand is exceptionally important."
Story image
Lightspeed
Lightspeed launches all-in-one marketing platform in A/NZ
ECommerce provider, Lightspeed has launched a new all-in-one marketing solution, Lightspeed Marketing & Loyalty in Australia and New Zealand.
Story image
Cybersecurity
BlackBerry offers Kaspersky replacement cybersecurity for the channel
BlackBerry advises that users of Kaspersky software in Australia and New Zealand undertake a rigorous risk analysis of their current security posture.
Story image
Gaming
PNY launches XLR8 Gaming EPIX memory products in A/NZ
PNY has launched its XLR8 Gaming EPIC-X RGB™ DDR4 Silver 3200MHz and 3600MHz memory products in Australia and New Zealand.