Education and research were the top targets for cyberattackers in 2021, with an average of 1605 attacks per organization per week, a 75% increase from 2020, according to research by Check Point Software Technologies.Pandemic\u2019s push for digital invites threats\u00a0The COVID-19 pandemic has pushed staff in businesses and education to work from home. The resulting need for digital skills and online courses has boosted the digital education market, creating opportunities for study but also for cyberthreats.A major shift to distance learning and the fact that online education organizations have a huge number of non-employees accessing their systems from remote locations widens the exposure, elevating risks, according to Omer Dembinsky, data research manager at Check Point.Following closely behind the education sector is the government and military sector which registered 1136 attacks per organization per week in 2021, a 47% increase from the previous year. Government has always been a major target for such attacks owing to the sensitivity of its undertakings. The shift by governments worldwide to providing services to citizens online created another target.Third on the list is the communication industry, logging 1079 attacks weekly per organization, 51% higher than last year.Constellation Research analyst Liz Miller sees the education sector as an easy target for bad actors as it has not prioritized cybersecurity, while the pandemic \u201cforced educators into being accidental CIOs\u201d as they sought to move teachers, staff, and students onto new technologies from home. \u201cRansomware attackers also understood that schools needed to operate and were not getting as much attention for critical updates and heightened security postures as, say, hospitals or medical institutions,\u201d she said.Top attacks: Log4j vulnerability, ransomwareIn 2021, there was a 50% overall jump in cyberattacks, says Check Point\u2019s Dembinsky.\u201cAlthough the increase was really across the board, in December the added attacks attributed to Log4j vulnerabilities indeed helped push the numbers up. There has also been a 57% increase in ransomware impact on corporate networks and 59% in info stealers,\u201d he said. Check Point found that there were millions of attacks per hour attempting to exploit the Log4j vulnerability, in November and December 2021.Log4j is a free, open-source logging framework developed by Apache logging services, used widely by vendors including AWS, Apple iCloud, IBM, Cisco, Cloudflare, Microsoft, Minecraft, and VMWare, among others. The recently discovered vulnerability allows attackers to execute malicious code remotely on a target computer running the framework. It was first found and reported by Chen Zhaojun of the Alibaba Cloud Security Team on 24 November 2021 and has since been fixed with successive patches.Other key findings of the Check Point report included Africa being the most attacked region in 2021 with 1582 attacks per organization per week, up by 13% against 2020, followed by Asia-Pacific with 1353 attacks and a 25% increase.Top defenses: partnering on privacy, and employee educationAnalysts and researchers have some suggestions for corporate leaders and security officers to deal with the constant rise in attacks.Constellation\u2019s Miller recommends trying to \u201cfind champions in colleagues rather than your usual IT and technology guys,\u201d to partner up in strengthening the security agenda. \u201cI am a huge advocate for a tight alignment and partnership between the CISO and the chief marketing officer,\u201d she says. \u201cA partnership here turns security conversations into brand security conversations where issues like privacy become a strategic value for the organization and not just an operational checklist of compliance.\u201dUnderstanding the different layers of software and networks with timely checks on updates and patches can prove critical while arming against attacks, according to Miller.Check Point\u2019s report suggests a security architecture delivering a unified protection infrastructure with comprehensive and faster protection, as opposed to a scattered infrastructure with pieces that either don\u2019t work together or take awfully long. It also recommends maintaining proper security hygiene, which includes patching, network segmentation, employee education, and implementing state-of-the-art security technology.