SUNNYVALE, Calif., Aug. 13, 2018 (GLOBE NEWSWIRE) --
Phil Quade, chief information security officer, Fortinet
“Cyber adversaries are relentless. Increasingly, they are automating their toolsets and creating variations of known
exploits. Of late, they are also more precise in their targeting, relying less on blanket attempts to find exploitable
victims. Urgently, organizations must pivot their security strategy to address these tactics. Organizations should leverage automated and
integrated defenses to address the problems of speed and scale, utilize high-performance behavior-based detection, and rely on
AI-informed threat intelligence insights to focus their efforts on patching vulnerabilities that matter.”
News Summary:
Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today announced the findings
of its latest Global Threat Landscape Report. The research reveals cyber criminals are becoming smarter and
faster in how they leverage exploits to their advantage. They are also maximizing their efforts by targeting an expanding attack
surface and by using iterative approaches to software development facilitating the evolution of their attack methodologies. For a
detailed view of the findings and some important takeaways for CISOs, read the blog. Highlights of the report follow:
- Virtually No Firm is Immune from Severe Exploits: Analysis focused on critical and high-severity
detections demonstrates an alarming trend with 96% of firms experiencing at least one severe exploit. Almost no firm is immune to
the evolving attack trends of cyber criminals. In addition, nearly a quarter of companies saw cryptojacking malware, and only six
malware variants spread to over 10% of all organizations. FortiGuard Labs also found 30 new zero-day vulnerabilities during the
quarter.
- Cryptojacking Moves to IoT Devices in the Home: Mining for cryptocurrency continues, and cyber criminals
added IoT devices, including media devices in the home, to their arsenals. They are an especially attractive target because of their rich source of computational horsepower, which can be used
for malicious purposes. Attackers are taking advantage of them by loading malware that is continually mining because these
devices are always on and connected. In addition, the interfaces for these devices are being exploited as modified web
browsers, which expands the vulnerabilities and exploit vectors on them. Segmentation will be increasingly important for
devices connected to enterprise networks as this trend continues.
- Botnet Trends Demonstrate the Creativity of Cyber Criminals: Data on botnet trends gives a valuable
post-compromise viewpoint of how cybercriminals are maximizing impact with multiple malicious actions. WICKED, a new
Mirai botnet variant, added at least three exploits to its arsenal to target unpatched IoT devices. VPNFilter, the advanced nation-state-sponsored attack that targets SCADA/ICS environments by monitoring MODBUS
SCADA protocols, emerged as a significant threat. It is particularly dangerous because it not only performs data exfiltration,
but can also render devices completely inoperable, either individually or as a group. The Anubis variant from the Bankbot
family introduced several innovations. It is capable of performing ransomware, keylogger, RAT functions, SMS interception, lock
screen, and call forwarding. Keeping tabs on morphing attacks with actionable threat intelligence is vital as creativity
expands.
- Malware Developers Leverage Agile Development: Malware authors have long relied on polymorphism to evade detection. Recent attack trends show they are turning to agile development
practices to make their malware even more difficult to detect and to counter the latest tactics of anti-malware products.
GandCrab had many new releases this year, and its developers continue to update this malware at
a rapid pace. While automation of malware attacks presents new challenges, so does agile development, because of the skills and
processes used to roll out new evasive releases of attack methods. To keep pace with the agile development cyber criminals are
employing, organizations need advanced threat protection and detection capabilities that help them pinpoint these recycled
vulnerabilities.
- Effective Targeting of Vulnerabilities: Adversaries are selective in determining what
vulnerabilities they target. With exploits examined from the lens of prevalence and volume of related exploit detections, only
5.7% of known vulnerabilities were exploited in the wild. If the vast majority of vulnerabilities won’t be exploited,
organizations should consider taking a much more proactive and strategic approach to vulnerability remediation.
- Education and Government Application Usage: When comparing application count usage across industries,
government use of SaaS applications is 108% higher than the mean and is second to education in the total number of applications used daily, 22.5% and 69% higher than the mean,
respectively. The likely cause for the higher usage in these two industry segments is a greater need for a wider diversity of
applications. These organizations will require a security approach that breaks down silos between each of these applications,
including their multi-cloud environments, for transparent visibility and security controls.
Combating Evolving Attacks Requires Integrated Security Powered by Threat Intelligence
The threat data in this quarter’s report once again reinforces many of the prediction trends unveiled by the FortiGuard Labs global research team for 2018. A security fabric that is integrated across the attack surface and between each security element
is vital. This approach enables actionable threat intelligence to be shared at speed and scale, shrinks the necessary windows of
detection, and provides the automated remediation required for the multi-vector exploits of today.
Report Methodology
The Fortinet Global Threat Landscape Report is a quarterly view that
represents the collective intelligence of FortiGuard Labs drawn from Fortinet’s vast array of sensors during Q2 2018.
Research data covers global, regional, industry sector, and organizational perspectives. It focuses on three central and
complementary aspects of that landscape, namely application exploits, malicious software, and botnets. It also examines important
zero-day vulnerabilities and infrastructure trends to add context about the trajectory of cyber attacks affecting organizations
over time. To complement the report, Fortinet publishes a free, subscription-based Threat Intelligence Brief that reviews the top malware, virus, and web-based threats discovered
every week, along with links to valuable FortiGuard Labs threat research.
Additional Resources
Read our blog for more information about the research or to access the full threat report.
Read our blog to learn more about new enhancements to our FortiGuard security services portfolio.
Sign up for the weekly FortiGuard Threat Intelligence Briefs or the FortiGuard Threat Intelligence Service.
Read more about our Network Security Expert program, Network Security Academy program or our FortiVets program.
Read more about the Fortinet Security Fabric or the Third Generation of Network Security.
About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet
empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on
ever-increasing performance requirements of the borderless network - today and into the future. Only the Fortinet Security Fabric
architecture can deliver security without compromise to address the most critical security challenges, whether in networked,
application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than
360,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.
Copyright © 2018 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks
and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited
to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiASIC, FortiMail,
FortiClient, FortiSIEM, FortiSandbox, FortiWiFi, FortiAP, FortiSwitch, FortiWeb, FortiADC, FortiWAN, and FortiCloud.
Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications
herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the
contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by
Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein
may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and
assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or
other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this
press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those
expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact
are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking
statements, and expressly disclaims any obligation to update these forward-looking statements.