UPDATED 16:30 EDT / MARCH 14 2018

Cryptojacking, IoT threats on the rise: What can businesses do?

The technology behind cyberattacks is becoming more sophisticated, and the recent frenzy surrounding cryptocurrencies is driving criminals to become more adept at taking over vulnerable computer systems. Those were two of the key findings from the newly released “Threat Landscape Report,” a summary of security intelligence from Fortinet Inc.

The quarterly report is based on the company’s analysis of billions of events in production environments around the world, in an effort to identify specific trends regarding exploits, malware and botnets. And the news is not good.

“It’s getting more sophisticated, specifically with these ‘internet of things’ devices,” said Anthony Giandomenico, senior security strategist/researcher of FortiGuard Labs at Fortinet. “[Attacks] are also becoming a lot more resilient.”

Giandomenico spoke with Peter Burris (@plburris), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Palo Alto, California, to discuss sophisticated malicious botnets, crypto-jacking for currency mining, top exploit kits, the current state of ransomware, and ways that businesses can protect assets. (* Disclosure below.)

Botnets target security flaws

What Fortinet found was that malicious botnets, such as Reaper and Hajime, are not only growing but have gained the ability to communicate with each other as well. The Reaper virus has infected thousands of computers and exploits security flaws inside the machines it infects. Hajime (“beginning” in Japanese) contains code for propagation as it gains access to IoT-connected devices.

“Some of the actual botnets like Hajime are able to communicate via peer-to-peer with each other,” Giandomenico explained. “What they create is a decentralized command and control infrastructure.”

Fortinet’s researchers also found that crooks are increasingly taking advantage of the popularity surrounding cryptocurrencies these days, particularly given the dramatic increase in value. (The price of one bitcoin has risen from $700 to approximately $10,000 in a little more than a year.) Cryptojacking, the surreptitious use by criminals of central processing unit resources to mine digital currency, is rising as more systems are being diverted for fraudulent use.

“All the bad guys really have to do is install a little JavaScript in your browser and away they go,” Giandomenico said. “And the only way that you’re going to know that your machine may be part of this mining is it may become super slow.”

Exploit kits surge in popularity

The latest quarterly threat report includes information on top exploit kits, packaged malware often contained in an innocuous-looking graphic that, when clicked, launches malware throughout systems. The Sundown kit has seen a surge in popularity, apparently because criminals have found it useful for disguising exploits.

“It actually rose in early December to be number one for Q4,” Giandomenico said. “And it’s unique because it does leverage steganography, meaning it’s able to hide its malicious code or its harvested information inside image files.”

After mysteriously disappearing for a brief period, Locky has emerged to claim the top spot as the most widely used form of ransomware, according to the Fortinet report, with GlobeImposter a popular choice as well. The attacks are still being distributed through phishing emails, although some ransomware variants are also showing worm-like capabilities to move from one vulnerability to another.

What can businesses do to protect against an increasingly perilous threat landscape? For ransomware, Giandomenico advises having a good backup and recovery strategy with regular tabletop exercises in preparation for dealing with an attack. The Fortinet strategist also encourages firms to follow an active training and knowledge-based approach.

“Have a good user awareness training program that actually includes keeping up with the latest and greatest tactics, techniques, and the actual threats that the bad guys are doing out there,” Giandomenico said.

The latest threat report provides further evidence for the enterprise security community that businesses will need to focus on guarding key assets, because 100 percent protection is a pipe dream. “Forget about protecting and monitoring everything, it’s not going to happen,” Giandomenico said. “Focus on what are the key assets, what are those five, six business-critical processes … focus on protecting those.”

(* Disclosure: Fortinet Inc. sponsored this segment of theCUBE. Neither Fortinet nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
