F
Fortinet, a global leader in broad,
integrated and automated cybersecurity
solutions, has announced the findings
of its latest quarterly Global Threat
Landscape Report. facing Edge services such as web
infrastructure, network communications
protocols, as well as bypassing ad
blocker tools to open attack vectors that
don’t rely on traditional phishing tactics.
The research reveals that cybercriminals
continue to look for new attack
opportunities throughout the digital
attack surface. At the same time, they are
shifting attack vectors such as targeting
publicly available Edge services to
counter training and education efforts
by organisations that address popular
tactics such as phishing. In addition to
essential strategies
like patching,
segmenting
and training,
organisations also
need to embrace
automation and AI.
The Threat Landscape Index remained
relatively consistent during the quarter.
There were fluctuations but no significant
swings. Regardless, organisations
should not let their guard down, instead
the index demonstrates consistent and
sustained cybercriminal activity.
Derek Manky, Chief, Security Insights
and Global Threat Alliances, Fortinet,
said: “Cybercriminals continue to attempt
to be a step ahead of cybersecurity
professionals. While they develop new
malware and zero-day attacks, they also
redeploy previously successful tactics to
maximise opportunity across the entire
attack surface.
“In addition to essential strategies like
patching, segmenting and training,
organisations also need to embrace
automation and AI to enhance their
ability to correlate threat intelligence
and respond to threats in real time.
This approach will only be successful,
however, when organisations integrate all
of their security resources into a security
fabric that can see across and adapt to
their rapidly expanding network.”
Highlights of the report
Shifting tactics to catch organisations
by surprise: The majority of malware
is delivered via email, therefore many
organisations have been aggressively
addressing phishing attacks with end
user training and advanced email
security tools. As a result, cybercriminals
are expanding their ability to deliver
malicious malware through other
means. These include targeting publicly
www.intelligentciso.com
|
Issue 20
FEATURE
For example, this quarter FortiGuard
Labs saw attacks against vulnerabilities
that would allow the execution of code
remotely targeting Edge services, at the
top in terms of prevalence amongst all
regions. Although this tactic is not new,
changing tactics where defenders may
not be as closely watching can be a
successful way to catch organisations
off guard and increase chances for
success. This can be especially
problematic ahead of a busy online
shopping season when online services
will experience increased activity.
Maximising earning potential:
Following in the footsteps of the lucrative
GandCrab ransomware, which was
made available on the Dark Web as
a Ransomware-as-a-Service (RaaS)
solution, cybercriminal organisations
are launching new services to expand
their earning potential. By establishing
a network of affiliate partners, criminals
are able to spread their ransomware
widely and scale earnings dramatically in
the process.
FortiGuard Labs observed at least
two significant ransomware families –
Sodinokibi and Nemty – being deployed
as RaaS solutions. These are potentially
just the beginning of what could be a
flood of similar services in the future.
37