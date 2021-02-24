Scale and Evolution Across the Entire Attack Surface Impacts Organizations Everywhere, Across All Edges and the Digital Supply Chain

Derek Manky, Chief, Security Insights & Global Threat Alliances, FortiGuard Labs

“2020 witnessed a dramatic cyber threat landscape from beginning to end. Although the pandemic played a central role, as the year progressed cyber adversaries evolved attacks with increasingly disruptive outcomes. They maximized the expanded digital attack surface beyond the core network, to target remote work or learning, and the digital supply chain. Cybersecurity risk has never been greater as everything is interconnected in a larger digital environment. Integrated and AI-driven platform approaches, powered by actionable threat intelligence, are vital to defend across all edges and to identify and remediate threats organizations face today in real time.”

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced the findings of the latest semiannual FortiGuard Labs Global Threat Landscape Report. Threat intelligence from the second half of 2020 demonstrates an unprecedented cyber threat landscape where cyber adversaries maximized the constantly expanding attack surface to scale threat efforts around the world. Adversaries proved to be highly adaptable, creating waves of disruptive and sophisticated attacks. They targeted the abundance of remote workers or learners outside the traditional network, but also showed renewed agility in attempts to target digital supply chains and even the core network. For a detailed view of the report, as well as some important takeaways, read the blog. Highlights of the 2H 2020 report follow:

Onslaught of Ransomware Continues: FortiGuard Labs data shows a sevenfold increase in overall ransomware activity compared to 1H 2020, with multiple trends responsible for the increase in activity. The evolution of Ransomware-as-a-Service (RaaS), a focus on big ransoms for big targets, and the threat of disclosing stolen data if demands were not met combined to create conditions for this massive growth. In addition, with varying degrees of prevalence, the most active of the ransomware strains tracked were Egregor, Ryuk, Conti, Thanos, Ragnar, WastedLocker, Phobos/EKING and BazarLoader. Sectors that were heavily targeted in ransomware attacks included healthcare, professional services firms, consumer services companies, public sector organizations, and financial services firms. To effectively deal with the evolving risk of ransomware, organizations will need to ensure data backups are timely, complete, and secure off-site. Zero-trust access and segmentation strategies should also be investigated to minimize risk.

Fighting Cyber Adversaries Requires an Integrated Strategy and Broad Awareness

Organizations face a threat landscape with attacks on all fronts. Threat intelligence remains central to understanding these threats and how to defend against evolving threat vectors. Visibility is also critical, particularly when a significant amount of users are outside the typical network scenario. Every device creates a new network edge that must be monitored and secured. The use of artificial intelligence (AI) and automated threat detection can enable organizations to address attacks immediately, not later, and are necessary to mitigate attacks at speed and scale across all edges. Cybersecurity user awareness training should also remain a priority as cyber hygiene is not just the domain of IT and security teams. Everyone needs regular training and instruction on best practices to keep individual employees and the organization secure.

This latest Global Threat Landscape Report is a view representing the collective intelligence of FortiGuard Labs, drawn from Fortinet’s vast array of sensors collecting billions of threat events observed around the world during the second half of 2020. Similar to how the MITRE ATT&CK framework classifies adversary tactics and techniques, with the first three groupings spanning reconnaissance, resource development, and initial access, the FortiGuard Labs Global Threat Landscape Report leverages this model to describe how threat actors find vulnerabilities, build malicious infrastructure, and exploit their targets. The report also covers global and regional perspectives as well.

