Threat intelligence from the second half of 2020 demonstrates an unprecedented cyberthreat landscape where cyber adversaries maximized the constantly expanding attack surface to scale threat efforts around the world reveals FortiGuard Labs Global Threat Landscape Report.
Fortinet has revealed the findings of its latest semiannual on Monday. According to the report, adversaries proved to be highly adaptable, creating waves of disruptive and sophisticated attacks. They targeted the abundance of remote workers or learners outside the traditional network, but also showed renewed agility in attempts to target digital supply chains and even the core network.
FortiGuard Labs data shows a sevenfold increase in overall ransomware activity compared to 1H 2020, with multiple trends responsible for the increase in activity.
The evolution of Ransomware-as-a-Service (RaaS), a focus on big ransoms for big targets, and the threat of disclosing stolen data if demands were not met combined to create conditions for this massive growth.
In addition, with varying degrees of prevalence, the most active of the ransomware strains tracked were Egregor, Ryuk, Conti, Thanos, Ragnar, WastedLocker, Phobos/EKING and BazarLoader. Sectors that were heavily targeted in ransomware attacks included healthcare, professional services firms, consumer services companies, public sector organizations, and financial services firms. Fortinet suggests that in a bid to effectively deal with the evolving risk of ransomware, organizations will need to ensure data backups are timely, complete, and secure off-site. Zero-trust access and segmentation strategies should also be investigated to minimize risk.
Michael Joseph, Director System Engineering, India & SAARC, Fortinet says, “2020 witnessed a dramatic cyberthreat landscape from beginning to end. Although the pandemic played a central role, as the year progressed cyber adversaries evolved attacks with increasingly disruptive outcomes. They maximized the expanded digital attack surface beyond the core network, to target remote work or learning, and the digital supply chain. Cybersecurity risk has never been greater as everything is interconnected in a larger digital environment. Integrated and AI-driven platform approaches, powered by actionable threat intelligence, are vital to defend across all edges and to identify and remediate threats organizations face today in realtime.”