2018 is turning out to be a bumpy year for businesses who are battling the onslaught of cyber attacks – and a bumper year for the attackers.
That’s according to Fortinet’s Threat Landscape Report for Q2 2018, which found that although no single breach dominated the cyber zeitgeist, there was still plenty of activity going on.
There are more than 100,000 known vulnerabilities that are open to exploitation from attackers, of which 5898 (5.7%) were exploited in the wild, the report says.
Fortinet’s FortiGuard detected 30 zero-day (previously unknown) vulnerabilities, but many exploits took advantage of known vulnerabilities in Microsoft Office (CVE 2017-11882), Apache Struts (CVE-2017-5638), and Oracle WebLogic Server (CVE-2017-10271, CVE-2017-3506).
Across the globe, Fortinet recorded 23,945 unique malware variants and 4856 different malware families. Businesses were plagued with malware with an average of 13 unique daily detections per firm.
With the rise of cryptojacking as a serious concern, it’s no surprise that 23.3% of detections were related to cryptojacking malware.
“Cryptojacking activity continued to increase globally, but not relative to the growing volume of malware overall. As with any market, such fluctuations may be attributable to the forces of supply and demand,” the report says.
There’s also an interesting development in the agile development of malware. While malware authors have previously relied on polymorphic techniques to avoid detection, that’s not working so well anymore. Now those authors have switched to agile development, which means they’re always working against the latest anti-malware tactics.
Over Q2, Fortinet detected 265 unique botnets, including one of the most prevalent and pervasive variants, Gh0st.RAT.
For every firm there were an average of 1.8 botnets operating. Infections can last from one day to more than one week.
While there are fewer botnets than malware variants, it doesn’t mean botnets are any less dangerous. There are fewer botnets simply because ‘good botnets are custom built to last’, Fortinet says.
You can stay up-to-date with all the latest threats, including botnets with Fortinet's Weekly Threat Intelligence Brief.
According to Fortinet, there’s little point trying to keep organisational weak points locked away and hidden. Penetration tests, privileged users, and vulnerability reports all offer opportunities, but they also pose threats to business.
What organisations should focus on is a proactive and integrated approach to network security that enables transparency, network visibility, automation, and works with compliance requirements.
Fortinet’s FortiGuard threat intelligence keeps a close eye on the latest known and emerging vulnerabilities and protect its customers from malicious attacks.