Fortinet has recently shared the findings of the latest semiannual FortiGuard Labs Global Threat Landscape Report.
Michael Joseph, Director System Engineering, India & SAARC, Fortinet said, “The first six months of 2020 witnessed an unprecedented cyber threat landscape. The dramatic scale and rapid evolution of attack methods demonstrate the nimbleness of adversaries to quickly shift their strategies to maximize the current events centered around the COVID-19 pandemic across the globe. There has never been a clearer picture than now, of why organizations need to adjust their defense strategies going forward to fully take into account the network perimeter extending into the home. It is critical for organizations to take measures to protect their remote workers and help them secure their devices and home networks for the long term. It is also wise to consider adopting the same strategy for cyber viruses that we are adopting in the real world. Cyber social distancing is all about recognizing risks and keeping our distance.”
Seizing the Opportunity in Global Events: Attackers have used subjects in the news as social engineering lures before, but this moved to the next level in the first half of 2020. From opportunistic phishers to scheming nation-state actors, cyber adversaries found multiple ways to exploit the global pandemic for their benefit at enormous scale. This included phishing and business email compromise schemes, nation-state-backed campaigns and ransomware attacks. They worked to maximize the global nature of a pandemic that affected everyone around the world combined with an immediately expanded digital attack surface. These trends were seen with other newsworthy items and demonstrate how quickly attackers can move to take advantage of major developments with broad social impact at a global level.
The Perimeter Gets More Personal: The increase in remote work created a dramatic inverse of corporate networks almost overnight, which cyber adversaries immediately started to leverage as an opportunity. In the first half of 2020, exploit attempts against several consumer-grade routers and IoT devices were at the top of the list for IPS detections. In addition, Mirai and Gh0st dominated the most prevalent botnet detections, driven by an apparent growing interest of attackers targeting old and new vulnerabilities in IoT products. These trends are noteworthy because it demonstrates how the network perimeter has extended to the home with cybercriminals seeking to gain a foothold in enterprise networks by exploiting devices that remote workers might use to connect to their organizations’ networks.
Browsers Are Targets Too: For attackers the shift to remote work was an unprecedented opportunity to target unsuspecting individuals in multiple ways. For example, web-based malware used in phishing campaigns and other scams outranked the more traditional email delivery vector earlier this year. In fact, a malware family that includes all variants of web-based phishing lures and scams ranked at the top for malware in January and February and only dropped out of the top five in June. This may demonstrate the attempt of cybercriminals to target their attacks when individuals are the most vulnerable and gullible—browsing the web at home. Web browsers, not just devices, are also prime targets for cybercriminals, perhaps more than usual, as cybercriminals continue to target remote workers.