Cyber attacks on UK organisations surged 77% in 2022, new research finds

UK organisations experienced an average of 788 weekly cyber attacks across 2022, marking a 77% increase from 2021.

New figures from Check Point highlight the growing severity of cyber threats in 2022, with attacks surging by 38% compared to the previous year.

The global volume of cyber attacks also reached an all-time high in the fourth quarter of the year with an average of 1,168 weekly attacks per organisation.

This escalation was driven predominately by smaller, more agile threat actors and sophisticated ransomware gangs, Check Point said, many of which targeted healthcare organisations, academic institutions, and the private sector.

“Cyber attacks are increasing worldwide, with 38% more cyber attacks per week on corporate networking in 2022 compared to 2021,” said Omer Dembinsky, data group manager at Check Point. “Several cyber threat trends are all happening at once.”

Growing cyber threats

Across 2022, the education/research sector was the most attacked industry in the UK, the research found. Organisations operating in this industry experienced a weekly average of 2,653 attacks, which is an increase of 237% compared to 2021.

Academic institutions have become a “popular feeding ground for cyber criminals” in the wake of rapid digitisation during the response to the coronavirus pandemic, Dembinsky warned.

Globally, education/research sector was the most targeted industry in 2022, witnessing a 43% increase in threats and a weekly average of 2,314 attacks per organisation.

“Many education institutions have been ill-prepared for the unexpected shift to online learning, creating ample opportunity for hackers to infiltrate networks through any means necessary,” Dembinsky explained.

“Schools and universities also have the unique challenge of dealing with children or young adults, many of which use their own devices, work from shared locations.”

This increase in threats to UK-based organisations reflects a global trend of escalating security threats, according to Check Point.

North America saw a 52% increase in cyber attacks compared to the previous year while European organisations were forced to contend with a 26% surge in threats.

Healthcare in the crosshair

The healthcare sector was another key target for cyber criminals across 2022, Check Point revealed, reflecting a long-running trend that has grown steadily since the onset of the coronavirus pandemic in 2020.

Cyber attacks against US healthcare organisations surged by 86% compared to the year prior with a weekly average of 1,410 attacks confirmed.

This increase means that the healthcare sector was the second most targeted industry in the US last year.

In July, the FBI, Treasury Department and Cybersecurity and Infrastructure Security Agency (CISA) issued an alert over North Korean state-sponsored ransomware groups targeting healthcare organisations.

The FBI said that it has observed and responded to “multiple ransomware incidents” at healthcare providers across the sector as groups bombarded organisations with the Maui ransomware strain.

In August, a software supplier for the NHS was struck by a ransomware attack which caused widespread outages across the health service.

This incident caused disruption to emergency prescription services, ambulance dispatching systems and the 111 non-emergency advice line.

“The healthcare sector is so lucrative to hackers as they aim to retrieve health insurance information, medical records numbers and, sometimes, even social security numbers with direct threats from ransomware gangs to patients, demanding payment under threats of having patient records released,” Dembinsky said.

“Ransomware gangs also find the attention gained from attacking a hospital as an attractive plus-point for their notoriety.”

Ransomware on the rise

A key factor in the deteriorating threat landscape across 2022 was the proliferation of sophisticated and highly aggressive ransomware gangs, Check Point revealed.

Widening attack surfaces were a major consideration for organisations globally last year amidst continued hybrid and remote working practices across a range of industries. And Dembinsky said this distributed, hybrid working environment presented a prime opportunity for hackers to capitalise on weak points in organisational security.

“The ransomware ecosystem is continuing to evolve and grow with smaller, more agile criminal groups that form to evade law enforcement,” he said.

“Hackers are widening their aim to target business collaboration tools such as Slack, Teams, OneDrive and Google Drive with phishing exploits. These make for a rich source of sensitive data given that most organisations’ employees continue to work remotely,” Dembinsky added.