Fortinet: Puerto Rico hit by 1B+ cyberattack attempts in first half of ’23
Puerto Rico was the target of more than one billion attempted cyberattacks in the first half of 2023, according to data from FortiGuard, the threat intelligence and research arm of Fortinet. The automated cybersecurity solution provider recently published its semiannual Global Threat Landscape report.
Among the report’s findings, Latin America and the Caribbean experienced more than 63 billion attempted cyberattacks during the same period. Brazil received the most attempts (23 billion), followed by Mexico (14 billion), Venezuela (10 billion), Colombia (5 billion) and Chile (4 billion).
Increased focus on ransomware
In recent years, FortiGuard Labs has documented substantial spikes in variants of ransomware — which is malicious software, or malware, that locks data until a ransom is paid — largely fueled by the adoption of ransomware-as-a-service (RaaS), a service model where cybercriminals “rent” ransomware. However, there were fewer ransomware detections in the first half of 2023.
Despite the overall decline, organizations should keep their guard up, the report adds. The findings validate the trend that FortiGuard Labs has noted over the last couple of years that ransomware and other cyberattacks are becoming increasingly more targeted, reflecting the increasing sophistication of attackers and the intent to maximize the return on investment for each attack.
Unique exploits on the rise
FortiGuard Labs detected more than 10,000 unique exploits — or software that takes advantage of a bug, or vulnerability, in information systems — in the first half of 2023, an increase of 68% since five years ago. The surge “highlights the sheer number of different types of malicious attacks that security teams” need to be aware about.
The report further notes that there was a more than 75% decrease in exploit attempts per organization, indicating that while exploit variants are on the rise, the attacks have become much more targeted than five years ago.
Wipers used by nation-state actors
A significant focus of the last Global Threat Landscape report was the rise in wiper malware — which erases data from the victim’s system — largely associated with the Russia-Ukraine conflict. FortiGuard Labs continues to track the use of wipers by nation-state entities, and the adoption rate of this malware type among cybercriminals remains trending upward. Targets primarily include the technology, manufacturing, government, telecommunications and health care sectors.
One of the alarming findings was the number of “active days” of botnet activity. Botnets are networks of computers that have been infected and controlled by malware. FortiGuard Labs defines “active days” as “the amount of time that transpires between the first hit of a given botnet attempt on a sensor and the last.”
In the first six months of 2023, the average time botnets persisted before command and control (C2) communications — a mechanism used by cybercriminals to control botnets — ceased was 83 days, more than 1,000 times longer than figures from five years ago. This is another example where reducing the response time is critical because the longer organizations allow botnets to linger, the greater the damage and risk to businesses.
Although organizations continue to find themselves in a reactive position due to the growing sophistication of malicious actors and the escalation of targeted attacks, ongoing analysis of the threat landscape helps provide valuable intelligence that can serve as an early warning of potential threat activity and help security leaders prioritize their security strategy.
“Disrupting cybercrime is a global effort that comprises strong, trusted relationships and collaboration across public and private sectors, as well as investing in AI-powered security services that can help overwhelmed security teams coordinate actionable threat intelligence in real time across their organization,” said Derek Manky, chief security strategist and global vice president of Threat Intelligence at FortiGuard Labs. “With targeted threats at an all-time high, security teams cannot afford to sit idle. Fortinet’s FortiGuard Labs continues to provide innovative and actionable intelligence to help security teams proactively prioritize patching efforts and respond to threats faster than ever.”
Access the latest report here.