
Attack traffic reached a record high in the second quarter of 2019, according to Fortinet’s Global Threat Landscape Report. Attack traffic increased by almost 4 percent compared to the same period a year earlier.

According to the report, activity increased especially in the area of malware and exploits. In addition, malware managed to stay under the radar for longer. This was the case, for example, with Zegost, information-stealing malware that was distributed through a spearphishing campaign.

Zegost used a log file deletion function to avoid detection. According to Fortinet, this method is not found in regular malware. In addition, Zegost waited until a specific date to steal information, so as not to be noticed.

Ransomware

According to the report, ransomware also remains popular, as evidenced by various attacks on government agencies and educational systems. There is, however, a noticeable shift in this specific form of malware. Attacks are no longer mass-scale and opportunistic, but are increasingly focused on specific organizations that would have enough money to pay the ransom.

In some cases, cybercriminals do extensive reconnaissance before installing the ransomware on systems. This is meant to increase the chances of success.

Another problem is that more vulnerabilities are being found in the Remote Desktop Protocol, such as BlueKeep. These give criminals a way to gain remote access. Ransomware, for example, can be distributed via such vulnerabilities.

Industrial systems

The Global Threat Landscape Report also shows that there is more malicious activity around industrial security systems. In the second quarter, for example, attacks were carried out on systems that monitor environmental conditions, security cameras and security systems.

Cybercriminals are also paying more attention to the smart equipment that consumers and businesses are increasingly using. According to the report, cybercriminals are now actively looking for new ways to take control of such devices.

The problem is that the security of these devices is often given lower priority than that of other devices. The reason is that they are not part of traditional IT management.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.