|
||
FortiGuard Labs Predicts the Convergence of Advanced Persistent Threat Methods with CybercrimeAdvanced Persistent Cybercrime Enables New Wave of Destructive Attacks at Scale Fueled by Cybercrime-as-a-Service | ||
Dubai, United Arab Emirates Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated, and automated cybersecurity solutions, today unveiled predictions from the FortiGuard Labs global threat intelligence and research team about the cyberthreat landscape for the next 12 months and beyond. From quickly evolving Cybercrime-as-a-Service (CaaS)-fueled attacks to new exploits on nontraditional targets like edge devices or online worlds, the volume, variety, and scale of cyberthreats will keep security teams on high alert in 2023 and beyond. Highlights of the predictions can be found below, but for a more detailed view of the predictions and key takeaways for CISOs, read our blog.
Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, FortiGuard Labs
Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, FortiGuard Labs said, “As cybercrime converges with advanced persistent threat methods, cybercriminals are finding ways to weaponize new technologies at scale to enable more disruption and destruction. They are not just targeting the traditional attack surface but also beneath it, meaning both outside and inside traditional network environments. At the same time, they are spending more time on reconnaissance to attempt to evade detection, intelligence, and controls. All of this means cyber risk continues to escalate, and that CISOs need to be just as nimble and methodical as the adversary. Organizations will be better positioned to protect against these attacks with a cybersecurity platform integrated across networks, endpoints, and clouds to enable automated and actionable threat intelligence, coupled with advanced behavioral-based detection and response capabilities.”
One of the most important methods to defend against these developments is cybersecurity awareness education and training. While many organizations offer basic security training programs for employees, organizations should consider adding new modules that provide education on spotting evolving methods such as AI-enabled threats.
Reconnaissance-as-a-Service Models Could Make Attacks More Effective
Luring cybercriminals with deception technology will be a helpful way to not only counter RaaS but also CaaS at the reconnaissance phase. Cybersecurity deception coupled with a digital risk protection (DRP) service can help organizations know the enemy and gain advantage.
Money Laundering Gets a Boost from Automation to Create LaaS
Looking outside an organization for clues about future attack methods will be more important than ever, to help prepare before attacks take place. DRP services are critical for external threat surface assessments, to find and remediate security issues, and to help gain contextual insights on current and imminent threats before an attack takes place.
Virtual Cities and Online Worlds Are New Attack Surfaces to Fuel Cybercrime
Because individuals can purchase goods and services in virtual cities, digital wallets, crypto exchanges, NFTs, and any currencies used to transact offer threat actors yet another emerging attack surface. Biometric hacking could also become a real possibility because of the AR and VR-driven components of virtual cities, making it easier for a cybercriminal to steal fingerprint mapping, facial recognition data, or retina scans and then use them for malicious purposes. In addition, the applications, protocols, and transactions within these environments are all also possible targets for adversaries.
Regardless of work-from-anywhere, learning-from-anywhere, or immersive experiences-from-anywhere, real-time visibility, protection, and mitigation is essential with advanced endpoint detection and response (EDR) to enable real-time analysis, protection, and remediation.
Commoditization of Wiper Malware Will Enable More Destructive Attacks
Using AI-powered inline sandboxing is a good starting point to protect against sophisticated ransomware and wiper malware threats. It allows real-time protection against evolving attacks because it can ensure only benign files will be delivered to endpoints if integrated with a cybersecurity platform.
What These Attack Trends Mean for Cybersecurity Professionals
About FortiGuard Labs
About Fortinet |
||
|
||||||||||||||||
| ||||||||||||||||