Tag: Fortinet Accelerate

  • Cybercriminals are now quicker in exploiting vulnerabilities – Fortinet

    Fortinet Releases 2H 2023 Global Threat Landscape Report, Highlighting Speed of Cyber Attacks and Rise of Targeted Ransomware

    Fortinet, a global cybersecurity leader, has released its 2H 2023 Global Threat Landscape Report, providing a snapshot of the active threat landscape from July to December 2023. The report highlights the speed at which cyber attackers are capitalizing on newly identified exploits and the rise of targeted ransomware and wiper activity against the industrial and OT sectors.

    Key findings from the report include that attacks started on average 4.76 days after new exploits were publicly disclosed, with attackers increasing the speed of exploitation by 43% compared to the first half of 2023. This underscores the need for vendors to dedicate themselves to internally discovering vulnerabilities and developing patches before exploitation can occur, as well as the importance of proactive and transparent vulnerability disclosures to ensure effective protection.

    The report also notes that some N-Day vulnerabilities remain unpatched for 15+ years, with 41% of organizations detecting exploits from signatures less than one month old and nearly every organization detecting N-Day vulnerabilities that have existed for at least five years. This reinforces the need for organizations to remain vigilant about security hygiene and to act quickly through consistent patching and updating programs.

    In terms of targeted ransomware and wiper activity, the report found that 44% of all ransomware and wiper samples targeted the industrial sectors, while ransomware detections slowed significantly compared to the first half of 2023. This can be attributed to attackers shifting away from the traditional “spray and pray” strategy to a more targeted approach, aimed largely at the energy, healthcare, manufacturing, transportation and logistics, and automotive industries.

    Botnets showed incredible resiliency, with command and control (C2) communications ceasing on average 85 days after first detection. The report also observed the emergence of three new botnets in the second half of 2023, including AndroxGh0st, Prometei, and DarkGate.

    Intelligence from FortiRecon, Fortinet’s digital risk protection service, indicates that 38 of the 143 advanced persistent threat (APT) groups listed by MITRE were active during 2H 2023, with Lazarus Group, Kimsuky, APT28, APT29, Andariel, and OilRig being the most active groups.

    The report also includes findings from dark web discourse, which show that threat actors discussed targeting organizations within the finance industry most often, followed by the business services and education sectors. Over 3,000 data breaches were shared on prominent dark web forums, and more than 850,000 payment cards were advertised for sale.

    The report emphasizes the need for a culture of collaboration, transparency, and accountability to effectively combat cybercrime. Fortinet is committed to enhancing cyber resilience globally through constant technology innovation and collaboration across industries and working groups, such as the Cyber Threat Alliance, Network Resilience Coalition, Interpol, the World Economic Forum (WEF) Partnership Against Cybercrime, and WEF Cybercrime Atlas.