TLDR: FortiGuard Labs, the cybersecurity leader, has unveiled its latest Global Threat Landscape Report for the first half of 2023. Key highlights include a decline in ransomware detection, heightened advanced persistent threat (APT) activities, shifts in MITRE ATT&CK techniques, and a surge in unique exploits, malware variants, and botnet persistence. The report emphasizes the need for a collaborative approach to disrupt cybercrime.
Fortinet®, a global cybersecurity leader, has released its 1H 2023 Global Threat Landscape Report. This comprehensive report from FortiGuard Labs highlights critical cybersecurity trends and threat activities observed during the first half of 2023.
FortiGuard Labs notes that fewer organizations detected ransomware attacks in 1H 2023 than five years ago. This trend reflects the increasing sophistication of attackers, leading to more targeted attacks. While the volume of ransomware detections remains volatile, it is generally on a downward trend year-over-year.
Focus on High-Severity Vulnerabilities
The report highlights that vulnerabilities with a high Exploit Prediction Scoring System (EPSS) score (top 1% severity) are 327 times more likely to be exploited within seven days than other vulnerabilities. This underscores the importance of addressing high-severity vulnerabilities promptly.
Active APT Groups
For the first time, FortiGuard Labs tracks the number of threat actors behind the trends. In 1H 2023, 30% of the 138 cyberthreat groups tracked were active. Prominent APT groups like Turla, StrongPity, Winnti, OceanLotus, and WildNeutron were the most active based on malware detections.
Explosion in Exploits and Malware Variants
The report reveals a 68% increase in unique exploit detections compared to five years ago. The number of malware families and variants has also surged, increasing by 135% and 175%, respectively.
Active botnets and their incidence rate have risen significantly over the past five years. The average time botnets linger before ceasing command and control (C2) communications has increased by over 1,000 times, highlighting the importance of rapid response.
The report emphasizes the need for collaboration and intelligence sharing to disrupt cybercrime. Fortinet’s AI-powered security services and tools are highlighted as key elements in combating cyber threats.
Singapore’s Cyber Threat Landscape
In Q2 2023, Excel and MSIL malware variants emerged as predominant threats in the Asia-Pacific (APAC) region. In Singapore, the report recorded a high number of virus detections, with JS/Cryxos as a prominent threat. The city-state also faced challenges from botnets like Mirai, Ghost Rat, Bladabindi, and RotaJakiro, involved in activities such as DDoS attacks and data exfiltration.