INFOGRAPHIC
INFOGRAPHIC
IoT devices in the home are
latest target for cryptojacking
Fortinet’s latest Global Threat Landscape
Report reveals cybercriminals are
becoming smarter and faster in how they
leverage exploits to their advantage.
F
ortinet, a global leader in broad, integrated and automated
cybersecurity solutions, has announced the findings of its
latest Global Threat Landscape Report. The research reveals
cybercriminals are becoming smarter and faster in how they leverage
exploits to their advantage. They are also maximising their efforts
by targeting an expanding attack surface and by using iterative
approaches to software development facilitating the evolution of
their attack methodologies.
Phil Quade, Chief Information Security Officer, Fortinet, said:
“Cyber-adversaries are relentless. Increasingly, they are automating
their tool-sets and creating variations of known exploits. Of late,
they are also more precise in their targeting, relying less on blanket
attempts to find exploitable victims. Urgently, organisations must
pivot their security strategy to address these tactics. Organisations
should leverage automated and integrated defences to address the
problems of speed and scale, utilise high-performance behaviour-
based detection and rely on AI-informed threat intelligence insights
to focus their efforts on patching vulnerabilities that matter.”
Highlights of the report are as follows:
Virtually no firm is immune from severe exploits
Analysis focused on critical and high-severity detections
demonstrates an alarming trend with 96% of firms experiencing at
least one severe exploit. Almost no firm is immune to the evolving
attack trends of cybercriminals. In addition, nearly a quarter of
companies saw cryptojacking malware and only six malware variants
spread to over 10% of all organisations. FortiGuard Labs also found
30 new zero-day vulnerabilities during the quarter.
Cryptojacking moves to IoT devices in the home
Botnet trends demonstrate the creativity of cybercriminals
Mining for cryptocurrency continues. Cybercriminals added IoT
devices, including media devices in the home, to their arsenals. They
are an especially attractive target because of their rich source of
computational horsepower, which can be used for malicious purposes.
Attackers are taking advantage of them by loading malware that is
continually mining because these devices are always on and connected.
In addition, the interfaces for these devices are being exploited as
modified web browsers, which expands the vulnerabilities and exploit
vectors on them. Segmentation will be increasingly important for
devices connected to enterprise networks as this trend continues.
24
INTELLIGENTCIO
Data on botnet trends gives a valuable post-compromise viewpoint
of how cybercriminals are maximising impact with multiple malicious
actions. WICKED, a new Mirai botnet variant, added at least three
exploits to its arsenal to target unpatched IoT devices. VPNFilter, the
advanced nation-state-sponsored attack that targets SCADA/ICS
environments by monitoring MODBUS SCADA protocols, emerged as
a significant threat. It is particularly dangerous because it not only
performs data exfiltration but can also render devices completely
inoperable, either individually or as a group. The Anubis variant from
www.intelligentcio.com