FortiGuard Labs Threat Research
Fortinet has just released its latest Global Threat Landscape Report for Q4 of 2018. As with previous editions, this latest report is based on data culled from billions of threat events collected by millions of Fortinet devices deployed in live production environments around the world. Fortinet’s team of cybersecurity professionals then takes those key finding for deep analysis and to add critical context.
Two of the key takeaways are that while the number of exploits per firm continues to grow, more alarmingly, botnet infection time has increased as well. Exploits impacting individual firms grew 10% over the quarter, while the number of unique exploits they experienced increased 5%, which indicates that cybercriminals remain hard at work even during the holiday season. At the same time, botnets have also continued to grow, becoming more complex and harder to detect. Time for infection of botnets increased by 15%, growing to an average of nearly 12 infection days per firm.
To address the challenges highlighted in the report from Fortinet, organization need to take the following steps:
Evolve defenses to address the increase in cyberattack complexity. Just as cybercriminals employ machines to propagate botnet attacks, organizations also need to leverage technology advances in the area of AI/ML to combat new, machine-generated attacks. Firms also need to remain vigilant and understand that the threat landscape continues to evolve quarter to quarter—far faster than their usual rate of security review.
Rely on advanced threat intelligence. Cybercriminals are becoming increasingly innovative in the development of their attack methods, as their adoption and refitting of openware malware tools shows, while the complexity of botnets and other attack methods is also increasing. As a result, organizations must remain vigilant, and relying on advanced threat intelligence—including real-time threat-intelligence sharing across all security elements—enables them to keep pace with the volume, velocity, and sophistication of the threat landscape.
Watch for attacks from unexpected vectors that can be mobilized quickly. Though steganography has historically been a low-frequency attack vector, cybercriminals are now using social media to conceal malicious payloads in memes. Security professionals need to guard against these attacks and similar with ongoing cybersecurity awareness training and by ensuring that they have transparent visibility of the entire attack surface, including out to social media sites and into mobile devices that combine personal and business data and applications.
We suddenly find ourselves in a position of monitoring the systems used to monitor our physical safety and security. The threats occurring at the convergence of physical and cyber systems are only going to grow in scope in coming months and years. Cybercriminals are closely watching and developing exploits that specifically target these physical systems, such as IP-enabled cameras.
Likewise, cybercriminals are constantly evolving the complexity of their other attack vectors—from morphing opensource malware tools into new threats, to quickly turning a few steganography exploits into a much larger strategy, to continuing to maximize the attack opportunity with the vast insecurity of IoT.
Addressing these challenges requires a consistent and integrated security strategy, tools designed to operate within the framework of today’s digital marketplace, the ability to utilize fresh threat intelligence sources in real time, and the adoption of things like AL and ML to stay ahead of the cyberthreat curve.
View the full report or the Fortinet Threat Landscape Indices for botnets, malware, and exploits for Q4, 2018.
Learn more about the FortiGuard Security Services portfolio or the FortiGuard Security Rating Service, which provides security audits and best practices.
Sign up for the weekly FortiGuard Threat Intelligence Briefs.
Sign up for this webinar to hear more trends and insights from our latest Threat Landscape Report.