Cybercriminals Exploiting New Industry Vulnerabilities 43% Faster, Fortinet Says

As threat actors band together to attack systems globally, so must the private sector and the government come together to counter cyber threats at all levels.

The cost impact of cybersecurity is projected to rise to USD10.5 trillion (RM49.43 trillion) in 2025, from USD3 trillion (RM14.12 trillion) in 2015. In Malaysia, the most targeted sectors are technology, government, manufacturing, retail and logistics.

The most common cyber threats in Malaysia are phishing, ransomware, patching, identity theft vulnerabilities and IoT-based attacks, with 86% of surveyed organisations seeing a twofold jump in breaches in 2023.

Fortinet® Inc. today released its FortiGuard Labs 2H 2023 Global Threat Landscape Report, which found that in the second half of 2023, attackers increased the speed with which they capitalised on newly publicised vulnerabilities (43% faster than 1H 2023). There is a need for vendors to dedicate themselves to internally discovering vulnerabilities and developing a patch before exploitation can occur (mitigating instances of 0-day vulnerabilities), while being proactive and transparent in disclosing vulnerabilities to customers to ensure they have the information needed to effectively protect their assets.

“There are over 222,000 vulnerabilities on the Common Vulnerabilities and Exposures (CVE). We witnessed a new record in 2023, with a total of 30,000 new vulnerabilities published—a 17% jump from the previous year,” Fortinet Southeast Asia Senior Director Peerapong Jongvibool told media practitioners today.

“The evolving threat landscape in Malaysia necessitates a shift to a platform-centric approach in cybersecurity. Traditional, disparate solutions can no longer manage the diverse technologies, hybrid work models, and IT/OT integration that characterise modern networks. Fortinet’s unified security and network platform addresses these complexities by providing comprehensive threat protection, automated vulnerability management, and streamlined operations.”

This integrated strategy not only reduces costs and operational complexity but also ensures that organizations can quickly adapt to new threats, thereby building robust and future-proof cybersecurity operations, he added.

Peerapong added that recent data from the World Economic Forum on the global risk landscape for 2024 revealed that AI-generated misinformation and disinformation present a 53% technology risk factor, second to extreme weather (66%).

Based on this analysis, the report also found that some vulnerabilities remain unpatched for 15+ years. Some 41% of organisations detected exploits from signatures less than one month old, and nearly every organisation (98%) detected vulnerabilities that have existed for at least five years. FortiGuard Labs also continues to observe threat actors exploiting vulnerabilities that are more than 15 years old, reinforcing the need to remain vigilant about security hygiene and to maintain a consistent patching and updating programme, employing best practices and guidance to improve the overall security of networks.

Some 44% of all ransomware and wiper samples targeted the industrial sectors: Across all of Fortinet’s sensors, ransomware detections dropped by 70% compared to the first half of 2023. The observed slowdown in ransomware over the last year can best be attributed to attackers shifting away from the traditional “spray and pray” strategy to more of a targeted approach, aimed largely at the energy, healthcare, manufacturing, transportation and logistics, and automotive industries.

Botnets showed incredible resiliency, taking on average 85 days for command and control (C2) communications to cease after first detection: While bot traffic remained steady relative to the first half of 2023, FortiGuard Labs continued to see the more prominent botnets of the last few years, such as Gh0st, Mirai, and ZeroAccess. Three new botnets also emerged in the second half of 2023: AndroxGh0st, Prometei, and DarkGate.

Some 38 of the 143 advanced persistent threat (APT) groups listed by MITRE were observed to be active during 2H 2023: Intelligence from FortiRecon, Fortinet’s digital risk protection service, indicates that 38 of the 143 groups that MITRE tracks were active in 2H 2023. Of those, Lazarus Group, Kimsuky, APT28, APT29, Andariel, and OilRig were the most active groups.

Given the targeted nature and relatively short-lived campaigns of APT and nation-state cyber groups compared to the long life and drawn-out campaigns of cybercriminals, the evolution and volume of activity in this area is something FortiGuard Labs will be tracking on an ongoing basis.

The latest semi-annual report by the global cybersecurity leader in driving the convergence of networking and security is a snapshot of the active threat landscape and highlights trends from July to December of 2023, including analysis on the speed with which cyber attackers are capitalising on newly identified exploits from across the cybersecurity industry and the rise of targeted ransomware and wiper activity against the industrial and operational technology sector.

The report also points to the need for vendors to adhere to vulnerability disclosure best practices and for organisations to improve cyber hygiene and patch management.

Fortinet Asia & ANZ Vice President of Marketing and Communications Rashish Pandey said: “The 2H 2023 Global Threat Landscape Report from FortiGuard Labs underscores the speed at which threat actors are exploiting newly disclosed vulnerabilities.

“In this environment, both vendors and customers play crucial roles, particularly in Southeast Asia. Vendors must ensure robust security throughout the product lifecycle and maintain transparency in vulnerability disclosures. As cybersecurity threats become more sophisticated, adopting a platform-centric approach is vital. This approach consolidates security tools, enhances operational efficiency, and enables rapid adaptation to emerging threats, helping organizations to build resilient and future-proof cybersecurity defences.”

Turning the Tide Against Cybercrime

With the attack surface constantly expanding and an industrywide cybersecurity skills shortage, it’s more challenging than ever for businesses to properly manage complex infrastructure composed of disparate solutions, let alone keep pace with the volume of alerts from point products and the diverse tactics, techniques, and procedures threat actors leverage to compromise their victims.

Turning the tide against cybercrime requires a culture of collaboration, transparency, and accountability on a larger scale than from just individual organizations in the cybersecurity space. Every organisation has a place in the chain of disruption against cyberthreats. Collaboration with high-profile, well-respected organizations from both the public and private sectors, including cybersecurity emergency response teams (CERTs), government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally.

Constant technology innovation and collaboration across industries and working groups, such as Cyber Threat Alliance, Network Resilience Coalition, Interpol, the World Economic Forum (WEF) Partnership Against Cybercrime, and WEF Cybercrime Atlas, will collectively improve protections and aid in the fight against cybercrime globally.
