User devices are always under threat and vulnerable to attack

Targeted attacks continue to increase

Specifically, according to a report by FortiGuard Labs, as of the first half of 2023, although the number of network attacks carrying ransomware has not increased, the number of groups carrying out attacks has. Advanced persistent threat (APT) activity remains constant, escalating, sophisticated, and complex, leading to unpredictable changes in adversary techniques and tactics (MITRE ATT&CK).

User devices and platforms are always under threat and vulnerable to attack

Furthermore, during this time, there has been a significant increase in the development of ransomware variants, largely following the trend of using the ransomware-as-a-service (RaaS) attack model, and attackers always want to optimize the return on investment (ROI) for each attack.

“In the first half of 2023, only a small number of organizations detected the presence of ransomware. This number is 13%, significantly lower than the same period 5 years ago, which was 22%,” the FortiGuard Labs report emphasized.

Also according to the report, to date, out of a total of 138 hacker groups specializing in cyber security threats (monitored by security research organization MITRE), up to 41 groups (accounting for 30%) have been operational during the first half of 2023.

Security vulnerabilities are increasing

Among them, Turla, StrongPity, Winnti, OceanLotus and WildNeutron stand out as the most active groups, based on the amount of malware detected.

Beyond identifying the attack groups, the report also points to other worrying and serious threats: security vulnerabilities, complex malware variants, and malicious computer networks (botnets).

As for security vulnerabilities, in the first half of 2023, more than 10,000 vulnerabilities were discovered, an increase of 68% compared to five years ago. Because of this sudden increase, the report notes that security teams must understand how attacks work in a relatively short period of time.

The same goes for malware variants, which increased by 135% and 175% respectively compared to 5 years ago. Notably, the number of malware variants that have spread to at least 10% of global organizations (a significant threshold for prevalence) has doubled in the past five years.

“The increase in the number and popularity of this malware can be attributed to the increasing number of cybercriminals and APT attack groups expanding their activities and diversifying their attacks in recent years,” according to the report.

Botnets, too, have increased, both in the number of active botnets (+27%) and in the frequency of contact among organizations over the past half decade (+126%). And in the first six months of 2023, the average time that botnets existed before ending command and control (C2) communications was 83 days, an increase of more than 1,000 times compared to five years ago.

Disrupting cybercriminal activity requires a comprehensive approach

The report's findings show that real cyber security threats are always lurking and persistent, and can easily attack network devices, application systems, and user platforms.

To address this concern, Mr. Derek Manky, Director of Cyber Security Strategy and Global Threat Research and representative of FortiGuard Labs, said that preventing cybercrime must be a global effort, requiring close, sustainable cooperation between the public and private sectors.

At the same time, we also need to focus on investing in security services supported by artificial intelligence (AI), which will help security teams take protective measures quickly and optimally in real time across the organization's entire network.