EDITOR’S QUESTION
WHAT
CYBERSECURITY
TRENDS WILL MAKE
THE BIGGEST IMPACT
IN 2020?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
F
ortinet, a global leader in broad,
integrated and automated
cybersecurity solutions, has announced
the findings of its latest quarterly Global
Threat Landscape Report. automation and AI to enhance their ability to correlate threat
intelligence and respond to threats in real time. This approach will
only be successful, however, when organisations integrate all of their
security resources into a security fabric that can see across and adapt
to their rapidly expanding network.”
The research reveals that cybercriminals
continue to look for new attack opportunities
throughout the digital attack surface. At the
same time, they are shifting attack vectors
such as targeting publicly available Edge
services to counter training and education
efforts by organisations that address popular
tactics such as phishing. The majority of malware is delivered via email, therefore many
organisations have been aggressively addressing phishing attacks
with end-user training and advanced email security tools. As
a result, cybercriminals are expanding their ability to deliver
malicious malware through other means. These include targeting
publicly facing Edge services such as web infrastructure, network
communications protocols, as well as bypassing ad blocker tools to
open attack vectors that don’t rely on traditional phishing tactics.
The Threat Landscape Index remained
relatively consistent during the quarter.
There were fluctuations but no significant
swings. Regardless, organisations should
not let their guard down, instead the index
demonstrates consistent and sustained
cybercriminal activity. For example, this quarter FortiGuard Labs saw attacks against
vulnerabilities that would allow the execution of code remotely
targeting edge services, at the top in terms of prevalence among
all regions. Although this tactic is not new, changing tactics where
defenders may not be as closely watching can be a successful way
to catch organisations off guard and increase chances for success.
This can be especially problematic ahead of a busy online shopping
season when online services will experience increased activity.
Derek Manky, Chief, Security Insights and
Global Threat Alliances, Fortinet, said:
“Cybercriminals continue to attempt to be
a step ahead of cybersecurity professionals.
While they develop new malware and zero-
day attacks, they also redeploy previously
successful tactics to maximise opportunity
across the entire attack surface.
“In addition to essential strategies like
patching, segmenting and training,
organisations also need to embrace
30
INTELLIGENTCIO
Following in the footsteps of the lucrative GandCrab ransomware,
which was made available on the Dark Web as a Ransomware-as-
a-Service solution, cybercriminal organisations are launching new
services to expand their earning potential.
By establishing a network of affiliate partners, criminals are able to
spread their ransomware widely and scale earnings dramatically
in the process. FortiGuard Labs observed at least two significant
ransomware families – Sodinokibi and Nemty – being deployed as
RaaS solutions. These are potentially just the beginning of what
could be a flood of similar services in the future.
www.intelligentcio.com