Fortinet’s latest semiannual report sheds light on the growing threat landscape, emphasizing the increasing speed with which cybercriminals exploit vulnerabilities. Here are the key insights from the report covering trends from July to December 2023:
1. Accelerated Exploitation of Vulnerabilities:
- Attacks began on average within 4.76 days after the disclosure of new exploits, indicating a 43% increase in speed compared to the first half of 2023.
- Vendors are urged to proactively discover vulnerabilities, develop patches, and transparently disclose them to customers to mitigate the risk of exploitation.
2. Persistent Vulnerability Exploitation:
- Despite efforts to address new vulnerabilities, organizations continue to face threats from older vulnerabilities, with 41% of organizations detecting exploits from signatures less than one month old.
- Exploitation of vulnerabilities over 15 years old highlights the importance of maintaining security hygiene and promptly patching vulnerabilities.
3. Ransomware Targeting Critical Sectors:
- While overall ransomware detections decreased by 70%, attacks are becoming more targeted, particularly against critical industries such as energy, healthcare, and manufacturing.
- Botnets remain resilient, with an average of 85 days for command and control communications to cease after detection.
4. Advanced Persistent Threat (APT) Groups:
- A total of 38 out of 143 APT groups listed by MITRE were active during the second half of 2023, with notable groups including Lazarus Group, Kimusky, and APT28.
5. Dark Web Activity:
- Dark web forums and channels discuss targeting organizations in the finance, business services, and education sectors, with over 3,000 data breaches shared and 850,000 payment cards advertised for sale.
Recommendations:
- Vendors should prioritize security scrutiny throughout the product development lifecycle and engage in responsible vulnerability disclosures.
- Customers must maintain strict patching regimens to reduce the risk of exploitation in the face of the growing number of vulnerabilities.
As cyber threats evolve and proliferate, collaboration between vendors, customers, and security teams becomes paramount in safeguarding digital assets and mitigating cybersecurity risks.
Leave a Reply