Fortinet's research highlights significant trends and developments from July to December 2023. Key findings reveal that cybercriminals are exploiting new vulnerabilities 43% faster than in the first half of 2023.
Cyber attackers began exploiting new vulnerabilities on average just 4.76 days after they were disclosed, a 43% increase in speed compared to the first half of 2023. This rapid exploitation underscores the need for vendors to promptly identify and patch vulnerabilities. Transparency in disclosing vulnerabilities to customers is also crucial to protecting assets.
Many organizations are still dealing with vulnerabilities that have been around for over 15 years. Fortinet found that 41% of organizations encountered exploits from vulnerabilities less than a month old, and 98% faced vulnerabilities at least five years old. This highlights the importance of maintaining good security practices and consistently updating and patching systems.
Only 9% of known endpoint vulnerabilities were targeted by attacks. Research revealed that just 0.7% of all Common Vulnerabilities and Exposures (CVEs) on endpoints were actively exploited, suggesting a smaller attack surface for security teams to prioritize.
In the industrial sector, 44% of all ransomware and wiper samples targeted industries such as energy, healthcare, manufacturing, transportation, and automotive. While overall ransomware detections dropped by 70%, attackers are now focusing on more specific targets.
Botnets remained a persistent threat, with command and control (C2) communications taking an average of 85 days to cease after detection. Notable botnets like Gh0st, Mirai, and ZeroAccess were joined by new ones such as AndroxGh0st, Prometei, and DarkGate.
Fortinet observed that 38 out of the 143 advanced persistent threat (APT) groups tracked by MITRE were active in the second half of 2023. Prominent groups included Lazarus Group, Kimsuky, APT28, APT29, Andariel, and OilRig.
Insights from FortiRecon revealed that threat actors frequently discussed targeting the finance, business services, and education sectors. Over 3,000 data breaches and 850,000 payment cards were advertised on dark web forums.
Addressing the expanding attack surface and cybersecurity skills shortage requires collaboration and transparency across the cybersecurity industry. Fortinet emphasizes the importance of working with public and private sector organizations, including CERTs, government entities, and academia. Fortinet is committed to enhancing cyber resilience through collaboration with organizations like the Cyber Threat Alliance, Network Resilience Coalition, Interpol, and the World Economic Forum.
By leveraging innovative technology and fostering collaboration, Fortinet aims to strengthen global defenses against the ever-evolving threat landscape.