UPDATED 17:07 EST / AUGUST 31 2021

FortiGuard Labs reports major jump in ransomware as criminals use botnets to attack the edge

The semiannual release of the FortiGuard Labs “Global Threat Landscape Report” is usually a good opportunity to get a temperature reading on the state of cybersecurity. Based on the latest report, released in August, ransomware is boiling hot.

Threat intelligence from the first half of 2021 showed a tenfold increase in ransomware attacks, with noticeable growth in both volume and sophistication. The prevalence of botnet detections jumped from 35% to 51% in just six months, according to the report, with a broadening of the attack surface to include new vertical industries.

“Now it’s built into this monster, almost an 11x increase from what we saw last December,” said Derek Manky, chief of security insights and global threat alliances at Fortinet Inc.’s FortiGuard Labs. “What is fueling this is new verticals that cybercriminals are targeting. Telecommunications and government have been in positions one and two. New verticals that have risen up are managed service providers, following the Kaseya attack, as well as operational technology.”

Manky spoke with Lisa Martin, host of SiliconANGLE Media’s livestreaming video studio theCUBE. They discussed the continued prevalence of the Mirai botnet and recent progress through collaborative efforts to take down criminal operations. (* Disclosure below.)

Botnets fuel attacks

Kaseya Ltd., an IT platform used by managed service providers, suffered an attack earlier this year that pushed out copies of REvil ransomware to downstream customers. Threat actors are targeting supply chain players and then leveraging powerful botnets to exploit vulnerabilities in internet of things devices to increase the scale of their attacks.

Hackers have managed to create several more powerful variants of the Mirai botnet, malware that turns networked devices running Linux into remotely controlled bots.

“Mirai is an IoT botnet, so it sits on devices, inside consumer networks or home networks, and that can be a big problem,” Manky said. “What we reported in the first half of 2021 is that Mirai is number one by far. It was the most prevalent botnet we have seen.”

Despite the chilling news in the FortiGuard Labs report, there has been progress on other fronts. A collaborative effort between the U.S. and several other countries resulted in a takedown of the EMOTET cybercrime service in January. EMOTET had been a prolific distributor of malware and ransomware attacks.

“Immediately after that takedown, it dropped to half the activity it had before. And it’s been consistently staying at that low watermark,” Manky said. “That’s good news, because it shows that the coordinated efforts with law enforcement and partners to take down these are hitting their supply chain where it hurts. There is still a lot of work to be done.”

(* Disclosure: Fortinet Inc. sponsored this segment of theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)