Maya Image

VP Research at Check Point Software Technologies

In 1976, Queen Elizabeth II sent the first royal email. It was sent over ARPANET, 7 years before the internet was invented, and a long 13 years before the first recorded internet hack.

Almost 50 years later, email has evolved into a popular communication method, and the most popular vehicle for threat actors to initiate their attacks. In fact, the Check Point Research (cp<r>) annual Security Report shows that in 2022, the proportion of email-delivered-attacks has increased, reaching a staggering record of 86% of all file-based attacks in-the-wild.

In our Security Report, we discuss a few more trends observed by cp<r> throughout the year. The Russia-Ukraine war demonstrated how the traditional, kinetic, war can be augmented by a cybernetic war. It has also influenced the broader threat landscape in the rapid changes of hacktivism and how independent threat actors choose to work for state-affiliated missions. The war has also seen enhanced usage of wiper malware, and this trend has been adopted by several actors, reaching a point where 2022 has seen more wiper attacks globally, than in the previous decade altogether. Traditional cybercrime has also changed - in 2022, threat actors started using more legitimate tools in their operations, including native operating system files, IT software and penetration testing tools, all helping them in their efforts to stay under the radar. In their ransomware attacks, threat actors are starting to skip the encryption process, realizing that the financial rewards comes mostly from data breaches and the threat to publish victim data. In attacks on mobile devices, attackers make a habit out of mimicking legitimate applications, and in the cloud threat landscape – companies’ data is at risk mostly when hosted by third parties, and susceptible to attacks due to misconfigurations, over-permissive roles and permissions, and access keys stored publicly.

In the last days of 2022, we witnessed a dramatic advancement in the field of generative artificial intelligence, now widely available to the public, and which is able to generate highly professional text (code included) on demand in seconds. As we step into 2023, we should keep in mind that this technology may quickly be adopted by threat actors, to craft even more malicious emails, in even better quality than those typically authored by threat actors, and with endless variations of malware and malicious code in general. This comes to prove, yet again, the importance of zero day prevention of attacks, across the entire IT infrastructure, including email, endpoint, network, cloud, and everything in between.

Check Point Software is committed to ensuring our customers are provided the best and prevention-first security across all these vectors. At Check Point Research, we are happy to provide this annual Security Report to help in raising awareness and vigilance, so that we can all join hands in preventing the next cyberattack.