Fortinet has released its Quarterly Threat Landscape Report for Q1 2018, and while numbers indicate that common threats have actually dropped during the quarter, it also shows that attackers are refining both their technologies as well as methodologies.
According to the report, Meltdown and Spectre have dominated the Q1 2018, and Microsoft has remained the number one target of exploits, routers have also made it to the second spot in the total attack volume. Mobile malware is also up from 7 to 21 percent and both web oriented technologies and web Content Management Systems (CMS) were also heavily targeted.
According to the report and the blog post, ransomware was still one of the biggest security threats, especially in a high-value industry like healthcare, education, and financial services. Ransomware also continues to evolve, using both new delivery channels as well as new techniques in evading detection. Some of the biggest ransomware attacks included GandCrab, BlackRuby, SamSam, and the Olympic Destroyer.
The report also focuses on the Internet of Things (IoT) devices which are still in the top of for being targeted by cybercriminals.
Another novelty are operational technology (OT) attacks, which have a smaller percentage in the overall attack landscape but rather a worrisome trend of rising. With many ICS and SCADA systems become connected to the Internet, Fortinet expects a rise in those attacks. Currently, the majority of exploit activity is focused on two most common industrial communication protocols, but it could spread to other as it becomes more connected.
According to the conclusion, while there was a drop in a number of exploits of 13 percent in the Q1 2018, the number of detection also grew by 11 percent and 73 percent of companies still experienced a severe exploit during the quarter. This shows that cybercriminals are focusing on specific attacks and matching exploits with targets rather than blindly attacking across the range of exploits.
Both attack trends and attack vectors are evolving and while ransomware still holds the number one spot, cryptojacking has become rather popular. With future predictions where AI-based attacks are used, it is obvious that security companies need to evolve as well where security is integrated into applications, devices, and cloud networks to protect data which is now located on different and complex environments.
You can check out detailed information and more numbers in Fortinet’s Quarterly Threat Landscape Report for Q1 2018.