Fortinet’s 1H 2023 Threat Landscape Report provides a detailed analysis of cyber threats over the first half of 2023, allowing you to reevaluate and fine-tune your security strategies. The following are some key takeaways from the report.
Cybercriminal groups operate like traditional enterprises
Today’s threat actors are operating with an organizational structure similar to traditional enterprises. They have well-defined roles, objectives and resources that allow them to rapidly adopt new technologies. This organizational structure, combined with funding from past exploits or nation-state sponsors, empowers them to experiment with and incorporate game-changing technologies, such as generative AI, that make their attacks more complex and harder to detect.
The result of these enterprise business models has been a noticeable increase in precise and focused attacks in different fields. These attacks include complex ransomware operations, large-scale data breaches, and a shift in MITRE ATT&CK strategies.
The “ransomware rollercoaster” continues
Ransomware remains a persistent threat, as it now accounts for 13 times more malware detections compared to the beginning of 2023. However, fewer organizations have fallen victim to ransomware attacks. According to the Fortinet report, 22 percent of firms detected ransomware activity on their networks five years, but today, that number has dropped to 13 percent for the first half of 2023. Unfortunately, the report points out that this decline does not mean that ransomware activity is diminishing. Instead, it suggests that ransomware gangs have become more strategic in their attacks, focusing on targeted victims and using advanced and adaptable methods.
As ransomware activity remains rampant, business leaders around the globe are becoming more concerned about this threat. In a recent survey conducted by Fortinet, of the 78 percent of leaders who claimed their enterprises were prepared for an attack, half still fell victim to them.
The use of wiperware has decreased, for now
Wiper malware is a destructive method of attack that wipes data from infected systems. In previous reports, the FortiGuard Labs team noticed an increase in the use of wiper malware in early 2022, particularly during the Russian-Ukrainian conflict. Although the increase continued throughout the year, it slowed down during the first half of 2023. While wipers are often used by nation-state actors during times of war, cybercriminals have also targeted specific sectors such as technology, manufacturing, government, telecommunications and healthcare using this type of malware. While the use of wiperware has become less prominent, security teams must remain vigilant in identifying it.
Sharing threat intelligence is critical to effectively identifying and remediating cyberattacks from today’s sophisticated cybercrime enterprises. Get your copy of Fortinet’s 1H 2023 Threat Landscape Report to future-proof your security strategy.