High ROI fuels vicious cyberattacks

The semi-annual Global Threat Landscape report, published by cybersecurity company Fortinet, had depicted the dynamic nature of cyber threats.

The report, which covers the first half of 2023, revealed that Fortinet successfully defended against nearly 17.7 million botnets, exploits, and viruses per day during the second quarter of the year.

“The Asia-Pacific region contributed to approximately 25 to 33 percent of the global telemetry data. However, our threat report underscored the significant number of viruses, botnets, and exploits encountered regularly,” Alan Reyes, country manager of Fortinet Philippines, said.

“This highlights the urgent need for organizations to bolster their cybersecurity strategies to strengthen their defenses, especially in light of the growing sophistication and frequency of threats,” he added.

Key takeaways from the report include that ransomware detection rates are declining due to increasing sophistication and the growing return on investment per attack.

Ransomware volumes reached volatile levels in the first half of 2023, but are still on an overall downward trend year-over-year, the report said.

It added that malicious actors are attacking top Endpoint Security Solutions, or EPSS, at an alarming rate, by as many as 327 times in seven days.

Fortinet said organizations should prioritize patching these vulnerabilities to reduce their risk of attack.

Nearly 1/3 of APT groups were active in 1H 2023: APT groups, such as OceanLotus, StrongPity, Turla, WildNeutron, and Winnti, were highly active in the first half of 2023.

These groups are known for their sophisticated attacks and targeted campaigns.

Malware families and variants are growing: Malware families and variants saw a 135 percent and 175 percent growth, respectively, in the first half of 2023.

This was due in part to APTs expanding their operations.

Botnets, on the other hand, are lingering in networks for longer than before, with an average active presence of 83 days. The increase in dwell time gives attackers more time to compromise data and systems.

Fortinet said it is working to disrupt these threats with an all-in approach that includes security awareness training, threat intelligence sharing, and the development of cybersecurity-applied AI.

However, the company acknowledged that it will require the cooperation of other organizations to create a larger disruption ecosystem.

Organizations can protect themselves from these threats by implementing a comprehensive cybersecurity strategy that includes the following:


Endpoint security

Deploy comprehensive endpoint security solutions that protect against a wide range of threats, including malware, ransomware and phishing attacks.


Network security

Implement network security solutions that can detect and block malicious traffic.


Security awareness training

Educate employees about cybersecurity best practices and how to identify and avoid common threats.


Threat intelligence

Share threat intelligence with other organizations to stay informed about the latest threats and trends.


Incident response

Develop an incident response plan to quickly and effectively respond to security incidents.


Leave a Reply

Your email address will not be published. Required fields are marked *