Cyberattacks have grown more sophisticated, ransomware incidents are targeting critical sectors, and IoT vulnerabilities are surging, according to FortiGuard Labs' "2H 2023 Global Threat Landscape Report."
The report underscores the continued dynamic nature of digital security risks, but with an ever-expansive number of attack touchpoints and rapid exploitation of new vulnerabilities.
"The need to understand where your attack surface gaps in detection, mitigation, and response lie is more vital than ever,” is one conclusion in the report, which was produced by the FortiGuard Labs unit of Fortinet.
The full report can be downloaded here.
"The creation and prevalence of exploits are on the rise” -- largely because they are often targeting underprotected or unprotected IoT devices, the report found.
Notably, FortiGuard Labs found that 41 percent of organizations detected activity for exploits less than one month old — a measure that shows cyber threats are moving at a pace that gives solution providers and their customers no rest for the weary.
In its report, FortiGuard Labs listed among the top cyber threats facing organizations:
- Ransomware attacks. Ransomware detections surged significantly, targeting critical industries such as healthcare, utilities, manufacturing, and finance. According to the report, "Ransomware detections surged 13 (times) higher over the first half of 2023."
- IoT exploits. Exploits targeting IoT devices are on the rise, with vulnerabilities in routers, cameras, and other IoT equipment frequently targeted.
- Credential stealers. There has been a notable increase in systems infected by credential stealers like Lumma, Redline, Vidar, and Raccoon, compromising sensitive information.
- Advanced Persistent Threats (APTs). Several APT groups, such as Lazarus Group and APT 28, remain highly active, employing sophisticated tactics to breach organizations. The report notes, "The Lazarus Group is an APT group sponsored by the North Korean government,” observed employing Dlang-based RAT malware in the wild.
- Botnets. New botnets like Androxgh0st, Prometei, and DarkGate have emerged, demonstrating the persistent threat of botnet traffic and attacks.
- Exploitation of old vulnerabilities. Despite the emergence of new vulnerabilities, old vulnerabilities remain heavily targeted by attackers, emphasizing the need for continuous patching. The report highlights, "Many vulnerabilities, even ones that have existed for years, often remain on threat actors’ radar as active targets."
- Malware attacks. Although the volume of detected malware samples decreased, certain types of malwares, particularly targeted ransomware, are becoming more prevalent.
Solution providers can inquire about partnership with Fortinet at its Engage partner program website.