Fortinet announced the findings of the latest FortiGuard Labs Global Threat Landscape Report. Global trends demonstrate that the prevalence and detection of threats may differ by geography, but the sophistication and automation of attacks remain consistent everywhere. In addition, the need to prioritize cybersecurity hygiene remains urgent around the world as threats are scaling faster than ever before.
Highlights of the reports as follows
Research shows significant levels of activity across regions associated with Charming Kitten, an Iran-linked advanced persistent threat (APT) group in Q4. Active since around 2014, the recent activity suggests that the threat actor has expanded into the election disruption business, having been linked to a series of attacks on targeted email accounts associated with a presidential election campaign.
IoT devices continue to be challenged with exploitable software and these threats can affect unexpected devices such as wireless IP cameras. This situation is magnified when components and software are embedded into different commercial devices sold under a variety of brand names, sometimes by different vendors. A lack of patch awareness or availability, the prevalence of vulnerabilities in some IoT devices, and the documented attempts to “enslave” these devices in IoT botnets all contributed to these exploits having the third-highest volume among all IPS detections during the quarter.
Spam continues to be one of the top issues for organizations and individuals to deal with. This quarter’s report combines the volume of spam flow between nations with data showing the ratios of spam sent vs. spam received, visually revealing a new perspective on an old problem. The majority of spam volume seems to follow economic and political trends. For example, the heaviest “spam trade partners” of the United States include Poland, Russia, Germany, Japan, and Brazil.
Looking at IPS triggers detected in a region not only shows what resources are being targeted, but may also indicate what cybercriminals might focus on in the future, either because enough of those attacks were ultimately successful, or simply because there is more of a certain type of technology deployed in some regions. But that’s not always the case. In addition, when taking a similar look at malware detections, the majority of threats targeting organizations are Visual Basic for Applications (VBA) macros. This is likely because they are still effective and producing results. In general, detections for things that are not working won’t remain high for long and if there are a significant amount of detections for something, someone is falling prey to these attacks.
“In the cyber arms race, the criminal community has often had a distinct advantage due to the growing cyber skills gap, the expanding digital attack surface, and by leveraging the element of surprise with tactics such as social engineering to take advantage of unsuspecting individuals. To get out ahead of the cycle of increasingly sophisticated and automated threats, organizations need to use the same sorts of technologies and strategies to defend their networks that criminals are using to attack them. That means adopting integrated platforms that leverage the power and resources of AI-driven threat intelligence and playbooks to enable protection and visibility across the digital infrastructure,” says Michael Joseph, Director System Engineering, India & SAARC, Fortinet.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.