The Covid-19 pandemic gave rise to the new norm on a global scale: remote work and online learning. Cybersecurity firm Fortinet revealed that the traditional network used by the majority of workforce and academe is leaving a larger attack surface for cybercriminals.
This looming threat, however, remains an opportunity for both public and private sectors to collaborate on with regards to disrupting the cybercriminal ecosystem. Although the increase in volume and sophistication of attack remain significant, threat intelligence partnered with law enforcement efforts pose an effective solution to curb this dilemma.
Fortinet’s semi-annual FortiGuard Labs Global Threat Landscape Report also shed light on the volume of ransomware activity of this year compared to last year, which has grown exponentially. These attacks are targeting supply chains of multiple organizations and are affecting critical infrastructure and productivity.
One of the most heavily targeted sectors are telecommunications, followed by the government, managed security providers, automotive, and manufacturing. There has been a shift from email-initiated payloads previously employed by ransomware operators to selling initial access into corporate networks, a movement considered as a major behavioral change regarding the evolution of Ransomware-as-a-Service.
To protect themselves, organizations will have to take a proactive approach that spans across real-time endpoint protection, detection, automated response solutions to secure environments along with a zero-trust access approach, network segmentation, and encryption.
The report also uncovered the rise of social engineering techniques, mainly driven by malvertising and scareware. This uptrend is encouraged by hybrid work situations which are being specifically targeted by cybercriminals and Fortinet urged organizations to have greater cybersecurity awareness in order to avoid falling victim to these tactics.
More than a year into remote work and learning shifts, cyber adversaries continue to target our evolving daily habits to exploit the opportunity. To protect networks and applications, organizations need zero-trust access approaches to provide least access privileges to secure against IoT endpoint and devices entering the network.
“We are seeing an increase in effective and destructive cyberattacks affecting thousands of organizations in a single incident creating an important inflection point for the war on cybercrime. Now more than ever, everyone has an important role in strengthening the kill chain,” shared Derek Manky, FortiGuard Labs chief of security insights and global threat alliances.
The first half of 2021 can potentially curb the emerging attack trends since government and law enforcement agencies are actively addressing cybercrimes, partnering with industry vendors, threat intelligence organizations, and other global partnership organizations. Nevertheless, automated threat detection and AI remain essential for real time mitigation across all edges.
“Aligning forces through collaboration must be prioritized to disrupt cybercriminal supply chains. Shared data and partnership can enable more effective responses and better predict future techniques to deter adversary efforts. Continued cybersecurity awareness training as well as AI-powered prevention, detection, and response technologies integrated across endpoints, networks, and the cloud remain vital to counter cyber adversaries,” Manky said.