Fortinet (NASDAQ: FTNT), the global cybersecurity leader at the forefront of merging networking and security, has unveiled its 1H23 Global Threat Landscape Report. The report, issued by FortiGuard Labs, provides insights into the evolving cybersecurity landscape, shedding light on the latest trends and threats observed during the first half of 2023.
Decline in Ransomware Detection
One of the report’s key findings is a decline in organisations detecting ransomware attacks. While ransomware variants have seen substantial growth in recent years, driven by the proliferation of Ransomware-as-a-Service (RaaS), FortiGuard Labs discovered that fewer organizations detected ransomware in the first half of 2023, with only 13% reporting incidents, compared to 22% five years ago.
This decline underscores a shift towards more targeted attacks, as cybercriminals become increasingly sophisticated in their methods and seek higher returns on their investments. The volume of ransomware detections was also volatile, ending 1H23 13 times higher than at the close of 2022 but still showing an overall downward trend year-over-year.
APT Activity on the Rise
FortiGuard Labs’ report highlights a significant increase in activity among advanced persistent threat (APT) groups. For the first time, FortiGuard Labs tracked the number of threat actors behind these trends and revealed that 30% of the 138 cyberthreat groups monitored by MITRE were active in the first half of 2023.
Notably, APT groups such as Turla, StrongPity, Winnti, OceanLotus, and WildNeutron were the most active, based on malware detections. The report suggests that the evolution and volume of APT activity will be a focal point in future reports.
Explosion in Unique Exploits, Malware Variants, and Botnet Persistence
The 1H23 Global Threat Landscape Report also highlights an explosion in unique exploits, up by 68% from five years ago. This increase underscores the growing diversity and volume of malicious attacks that security teams must combat.
While exploit toolkits have expanded, there has been a 75% reduction in exploitation attempts per organization over five years, suggesting more targeted attacks.
Additionally, the report notes a 135% increase in malware families and a 175% rise in malware variants that propagate to at least 10% of global organisations. This escalation is attributed to the expansion and diversification of cybercriminal and APT group operations in recent years.
The report also raises concerns about botnets, with an increase in active botnets (+27%) and a higher incidence rate among organizations over the past five years (+126%). A startling finding is the exponential increase in the total number of “active days” that botnets linger, with an average of 83 days in the first half of 2023, representing a 1,000-fold increase from five years ago.
A Call for an All-In Approach to Disrupt Cybercrime
FortiGuard Labs emphasises the need for a collaborative, intelligence-sharing approach to combat cybercrime effectively. While Fortinet is a leader in enterprise-class cybersecurity and networking innovation, the report highlights the importance of AI-Powered Security Services in enhancing protection against known and unknown threats.
Malaysia’s Cybersecurity Landscape
In the Malaysian context, the report reveals that Excel and MSIL malware variants have become predominant threats in the Asia-Pacific region during 2Q23 due to their adaptability and versatility. Notably, Excel malware, often distributed through phishing emails with malicious macros, remains a prevalent attack vector.
The report also identifies Mirai, Gh0st Rat, and Bladabindi as the most relevant botnet activity observed in Malaysia in 1Q23. These botnets are used for various malicious activities, including DDoS attacks, credential harvesting, and data exfiltration.
These findings underscore the importance of vigilant cybersecurity measures for individuals and organisations in Malaysia, emphasising the timely patching of vulnerabilities and the deployment of robust security measures.
Dickson Woo, country manager of Fortinet Malaysia, said: “As Malaysia strives to realize its smart city aspirations outlined in the MyDigital initiative and the Malaysia Digital Economy Blueprint, it is imperative that the nation consistently bolsters its cybersecurity measures.”