Fortinet: Cyber Attacks Becoming Smarter & More Automated in 2017

Fortinet, a global leader in high-performance cybersecurity solutions, urges Chief Information Security Officers (CISOs) in Malaysia to adopt an integrated, collaborative and automated cyber security system to counter looming cyber threats in 2017. In its mid-year prediction update, Fortinet observed that cyber-attacks have grown smarter, more automated and more sophisticated. Driven by IoT connectivity, cyber threats are compounding at speeds that outstrip the pace of cyber security solutions development.

“We are seeing a rise in the number and sophistication of malware attacks that are designed to target and exploit IoT vulnerabilities. Beta versions of new classes of exploits are now being regularly released into the wild, some within weeks of the initial beta launch, resulting in second and third generations with much more sophisticated tools and automated exploits,” said Gavin Chow, Network and Security Strategist, Fortinet Asia Pacific.

During the first half of 2017, Fortinet’s FortiGuard team observed the following key trends on cyber-attacks:

Rise of Shadownets

2016 witnessed the launch of the largest DDoS attack in history, Mirai, which utilized an IoT-based shadownet built using millions of vulnerable IoT devices to bring down a large chunk of the Internet. In 2017, Mirai exploits continued to target vulnerable systems while its successor, the Hajime ransomworm, is now making further inroads. Unlike Mirai, Hajime has a lot of sophisticated cybertools built in. Like Mirai, it is IoT focused, but it is also cross-platform, includes a toolkit with automated tasks, and maintains a dynamic password list that is remotely updatable. To evade detection, Hajime is designed to be less noisy, staying under the detection radar by using things like traffic and behavior thresholds to mimic human behavior. One of Hajime’s most alarming features is an embedded tool designed to remove rules. For instance, it removes the rules that allow a customer-premises equipment (CPE) device to talk to service providers about any unauthorized activities.

Ransomware Continues To Terrorize

Like IoT-based shadownets, ransomware is also getting smarter. Fortinet’s recent Q1 Threat Landscape report documented an increase in DVR signatures in its attack trends section. Scalability has previously been a limiting factor in this sort of attack, but Hajime automates the process to build an automated smart infrastructure to deliver this threat. Once an attack is automated, attackers would not be limited to targeting specific industries.

Hot exploits getting ‘hotter’

One of the primary reasons hackers are successful is poor security hygiene. Networks are expanding and evolving rapidly, crossing over different domains and environments. Speed and efficiency are business critical, which means that there is zero tolerance for any device downtime. As a result, vulnerable devices are not being tracked, updated or replaced.

The exploit techniques of the IoT world are fast evolving − including password stealing, and then leveraging these passwords to hack additional systems. It is a human process that has now become automated. Automation means that attacks not only strike faster, they also reduce the time between breach and impact, and can learn how to avoid detection.

“In the ongoing cyberwar, organizations in Malaysia need to fight automation with automation by deploying integrated expert security systems that can automatically collect, correlate, share, and respond to threats in a coordinated fashion, anywhere across the distributed network ecosystem,” added Chow.

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 320,000 customers trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

