Fortinet‘s latest Global Threat Landscape Report reveals a troubling trend: cybercriminals are exploiting newly discovered vulnerabilities at an alarming rate. The report, which analyzes data from July to December 2023, found that attackers are capitalizing on these vulnerabilities 43% faster compared to the first half of 2023. This highlights the critical need for software vendors to prioritize proactive vulnerability discovery and patching to stay ahead of cyber threats.
The report also explores other concerning trends, including the rise of targeted ransomware attacks against industrial sectors and the persistent threat posed by long-unpatched vulnerabilities. Here’s a closer look at some of the key findings:
- Faster Exploitation of New Vulnerabilities:
The time it takes for attackers to exploit newly discovered vulnerabilities has shrunk significantly. The report found that attackers are now launching attacks an average of 4.76 days after a vulnerability is publicly disclosed. This emphasizes the importance of rapid patching for organizations to mitigate the risk of compromise. - Legacy Vulnerabilities Remain a Threat:
Even older vulnerabilities continue to be exploited by attackers. The report reveals that nearly all organizations (98%) have encountered attacks leveraging vulnerabilities that have existed for at least five years. This underlines the necessity for consistent patching practices and staying updated on security best practices. - Targeted Ransomware Attacks on Industrial Sectors:
Ransomware attacks have become more targeted, with a significant shift towards industrial sectors like energy, healthcare, and manufacturing. This trend highlights the growing risk to critical infrastructure and the need for robust security measures in these industries. - Botnets Remain Resilient:
Botnets, networks of compromised devices controlled by attackers, continue to be a persistent threat. The report found that it takes an average of 85 days to disrupt a botnet’s communication channels after detection, showcasing their resilience. - Active Advanced Persistent Threat (APT) Groups:
The report identifies 38 out of the 143 APT groups tracked by MITRE as active in the second half of 2023. These groups often target specific organizations for espionage or other malicious purposes. - Dark Web Discourse:
Insights from Fortinet’s dark web monitoring service, FortiRecon, reveal that threat actors primarily discuss targeting organizations in the finance sector, followed by business services and education. The dark web also serves as a marketplace for stolen data and compromised credentials.
The report underscores the evolving cyber threat landscape and the challenges faced by organizations in securing their IT infrastructure. It emphasizes the importance of collaboration between security vendors, governments, and industry groups to combat cybercrime effectively. By working together and adopting a proactive approach to security, organizations can build stronger defenses and mitigate the growing risk of cyberattacks.