Cyber Adversaries Reincorporate Old-School Tactics to Catch Organizations Off-Guard Ahead of Busy Holiday Season


(MENAFN- ChatterBox PR & Events) Dubai, UAE. – November 19, 2019
News Summary:
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity
solutions, today announced the findings of its latest quarterly Global Threat Landscape Report.
• The research reveals that cybercriminals continue to look for new attack opportunities
throughout the digital attack surface. At the same time, they are shifting attack vectors,
such as targeting publicly available edge services, to counter training and education
efforts by organizations that address popular tactics such as phishing.
• The Threat Landscape Index remained relatively consistent during the quarter. There
were fluctuations but no significant swings. Regardless, organizations should not let their
guard down; instead, the index demonstrates consistent and sustained cybercriminal
activity.
• For a detailed view of the Threat Landscape Index and subindices for exploits, malware,
and botnets, as well as some important takeaways, read the blog.

“Cybercriminals continue to attempt to be a step ahead of cybersecurity professionals. While they
develop new malware and zero-day attacks, they also redeploy previously successful tactics to
maximize opportunity across the entire attack surface,” said Derek Manky, Chief, Security Insights
& Global Threat Alliances, Fortinet. “In addition to essential strategies like patching, segmenting,
and training, organizations also need to embrace automation and AI to enhance their ability to
correlate threat intelligence and respond to threats in real time. This approach will only be
successful, however, when organizations integrate all of their security resources into a security
fabric that can see across, and adapt to their rapidly expanding network.”
Highlights of the report follow.

Shifting Tactics to Catch Organizations By Surprise: The majority of malware is delivered via
email; therefore, many organizations have been aggressively addressing phishing attacks with
end user training and advanced email security tools. As a result, cybercriminals are expanding
their ability to deliver malware through other means. These include targeting publicly
facing edge services such as web infrastructure and network communications protocols, as well as
bypassing ad blocker tools to open attack vectors that don’t rely on traditional phishing tactics.
For example, this quarter FortiGuard Labs saw attacks targeting edge services, against
vulnerabilities that would allow remote code execution, at the top in terms of prevalence across
all regions. Although this tactic is not new, shifting to areas where defenders may not be watching
as closely can be a successful way to catch organizations off guard and increase the chances of
success. This can be especially problematic ahead of a busy online shopping season when
online services will experience increased activity.
Maximizing Earning Potential: Following in the footsteps of the lucrative GandCrab
ransomware, which was made available on the dark web as a Ransomware-as-a-Service (RaaS)
solution, cybercriminal organizations are launching new services to expand their earning
potential. By establishing a network of affiliate partners, criminals are able to spread their
ransomware widely and scale earnings dramatically in the process. FortiGuard Labs observed at
least two significant ransomware families—Sodinokibi and Nemty—being deployed as RaaS
solutions. These are potentially just the beginning of what could be a flood of similar services in
the future.
Refining Malware for Success: Expanding on these approaches, cybercriminals are also
refining malware to evade detection and deliver increasingly sophisticated and malicious attacks,
such as the evolution of the Emotet malware. This is a troubling development for organizations as
cybercriminals increasingly use malware to drop other payloads on infected systems to maximize
their opportunities for financial gain. Recently, attackers have begun using Emotet as a payload
delivery mechanism for ransomware, information stealers, and banking trojans including TrickBot,
IcedID, and Zeus Panda. In addition, by hijacking email threads from trusted sources and
inserting malware into those email threads, attackers are significantly increasing the
likelihood that those malicious attachments will be opened.
Maximizing Opportunity with Older Vulnerabilities and Botnets: Targeting older, vulnerable
systems that have not been properly secured is still an effective attack strategy. FortiGuard Labs
discovered that cybercriminals target vulnerabilities twelve or more years old more often than
they target new attacks. And in fact, they target vulnerabilities from every subsequent year since
then at the same rate as they do current vulnerabilities.
Similarly, this trend of maximizing existing opportunity also extends to botnets. More so than any
other type of threat, the top botnets also tend to carry over from quarter to quarter and region to
region globally with little change. This suggests the control infrastructure is more permanent than
particular tools or capabilities, and that cybercriminals not only follow new opportunities, but like
legitimate businesses, also leverage existing infrastructure whenever possible to increase
efficiency and reduce overhead.
Protecting for the Unexpected: Broad, Integrated, and Automated Security
The expanding attack surface and shifting attack strategies of cybercriminals mean
organizations cannot afford to over-focus on a narrow set of threat trends. It is essential that
organizations adopt a holistic approach to securing their distributed and networked environments.
This requires the deployment of a security fabric that is broad, integrated, and automated. This
approach will enable organizations to reduce and manage the expanding attack surface through
broad visibility across integrated devices, stop advanced threats through AI-driven breach
prevention, and reduce complexity through automated operations and orchestration. In addition,
threat intelligence that is dynamic, proactive, and available in real-time plays a crucial role in
identifying trends by following the evolution of attack methods targeting the digital attack surface
and then pinpointing cyber hygiene priorities.
Report and Index Overview
The latest Fortinet Threat Landscape Report is a quarterly view that represents the collective
intelligence of FortiGuard Labs, drawn from Fortinet’s vast array of global sensors during Q3 of
2019. Research covers global and regional perspectives. Also included in the report is the
Fortinet Threat Landscape Index (TLI), comprised of individual indices for three central and
complementary aspects of that landscape, which are exploits, malware, and botnets, broken
down by prevalence and volume in a given quarter.
Additional Resources
• Read the blog for more information about this research.
• View the Fortinet Threat Landscape Index and subindices for botnets, malware, and
exploits for Q3, 2019 or access the full report.
• View and read the most recent Adversary Playbook – Emotet – from the FortiGuard
Labs team.
• For a more detailed view into the changing threats and events driving the Fortinet Threat
Landscape Index each week, check out our weekly Threat Brief.
• Learn more about FortiGuard Labs and the FortiGuard Security Services portfolio.
• Learn more about the FortiGuard Security Rating Service, which provides security audits
and best practices.
• Read more about Fortinet’s Network Security Expert program, Network Security
Academy program, and the FortiVets program.
• Read more about the Fortinet Security Fabric.
• Follow Fortinet on Twitter, LinkedIn, Facebook, YouTube, and Instagram.
