FortiGuard Labs Threat Landscape Report Highlights Tenfold Increase in Ransomware

FortiGuard Labs Threat Landscape Report Highlights Tenfold Increase in Ransomware

The first half of 2021 saw a significant uptick in the number of cyberattacks that targeted individuals and organizations, according to FortiGuard Labs’ 2021 mid-year Global Threat Landscape Report.

Last year, attackers shifted their attention away from traditional enterprise infrastructure devices to consumer-grade ones. This year, they are targeting both, researchers say.

The volume of attacks has also increased significantly over the past six months. FortiGuard Labs attributes this to the rise in the number of botnets, with botnet activity jumping from 35% to 51%. The rise was led by TrickBot thanks to its evolution from a banking Trojan to a sophisticated multi-stage toolkit. In 2020, Mirai was the most prevalent botnet.

Cyber threats have become more alarming in the past year, researchers noted, with the most notable example of this being ransomware attacks, which has seen a massive increase in popularity with a staggering more than tenfold increase.

FortiGuard Labs attribute this to the continued growth of ransomware-as-a-service, and the fact that some operators are now selling access to compromised corporate networks to less technical criminals.

The telecommunications sector was the most targeted industry in the first half of 2021. Other top targets were government agencies, managed security service providers, automotive, and manufacturing sectors.

Some attacks that occurred in 2121 have affected various sectors of critical importance. Some of these included the disruption of gasoline and oil distribution across the US and the supply chain attack against a global meat processor.

Not just the number of attacks, but also their ferocity have increased, as cybercriminals have started adding levels of extortion to their arsenal. This includes combining DDoS attacks and doxing with encryption. Doing so will create more confusion and panic, and it will put the victim’s customers at risk.

Operational Technology (OT) has been targeted less often, but since it’s connected to critical infrastructure, an attack that exploits an unpatched or vulnerable OT device can disrupt lives for years.

The report used the data collected by FortiGuard Labs’ sensors, comprising billions of threat events during the first half of 2021. It also used MITRE ATT&CK framework to classify and describe the various tactics used by hackers to attack their targets. It also allowed the researchers to learn how to detect and respond to the most critical threats.

Image: FortiGuard Labs

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.