Ransomware is surging, according to the latest Global Threat Landscape Report from FortiGuard Labs. The report, released in August, gives us a good idea of what the cybersecurity landscape looks like.
Threat intelligence from the first half of this year shows a tenfold increase in ransomware attacks, which are more frequent and more complex. Botnet detections jumped from 35% to 51% in just six months, according to the report, which also confirmed a broadening of the attack surface through the inclusion of targets in new vertical industries.
What is causing the current situation?
Derek Manky, the chief of security insights and global threat alliances at Fortinet’s FortiGuard Labs said that ransomware has become a monster with an almost 11 times increase from what was recorded last December.
Manky says the surge is fueled by criminals targeting new verticals. Telecommunications and government have been in positions one and two for some time now, with new verticals (like managed service provider Kaseya) and operational technology following closely behind.
Kaseya, used by managed service providers, experienced an attack earlier this year that made copies of REvil ransomware to downstream systems.
Threat actors keep coming
Threat actors have set their sights on supply chain players and leveraged powerful botnets to exploit IoT (Internet of Things) devices and increase their scale. Hackers have created more powerful variants of the Mirai botnet, malware that targets networked devices running Linux, into remotely controlled bots.
Mirai is an IoT botnet which means it sits inside both home and consumer networks, which can be a big problem, according to Manky.
There has been positive progress during this security crisis. The EMOTET takedown in January dropped its activity by half and has been consistently low since. A lot remains to be done, though.