Fortinet: Puerto Rico targeted by 1.3B cyberattack attempts in 2023
![](https://newsismybusiness.com/wp-content/uploads/2023/08/cyberattack-820x394.jpg)
When compared to the previous year (2 billion cyberattack attempts in 2022), the figure is significantly lower.
Puerto Rico experienced 1.3 billion cyberattack attempts in 2023, according to FortiGuard Labs, Fortinet’s threat analysis and intelligence unit. This figure marks a decrease from the 2 billion attempts recorded in 2022.
Despite the reduction, FortiGuard Labs notes that the trend does not necessarily signal good news. Globally, while the volume of attacks has decreased, there is a rise in unique exploitations and new malware and ransomware variants that are more targeted.
“In summary, there are fewer attacks, but they are designed for specific targets, making them more sophisticated and with a higher chance of success if organizations do not have integrated, automated and updated cybersecurity defenses,” the company explained.
The Latin America and Caribbean region saw 200 billion cyberattack attempts in 2023, accounting for 14.5% of the total reported globally. Mexico, Brazil and Colombia were the most affected countries in the region.
Key findings from Fortinet’s FortiGuard Labs report for 2023 include:
- Ransomware continued to have significant activity in 2023. While detections may have decreased in volume, this trend supports what FortiGuard Labs has seen in recent years: ransomware and other attacks are becoming more specific and targeted, thanks to the increasing sophistication in attackers’ tactics, techniques and procedures, and the desire to increase the ROI per attack. This phenomenon underscores the importance of remaining vigilant and strengthening defenses against possible targeted attacks.
- During 2023, a prominent presence of threats linked to Microsoft Office applications was observed. While many of these threats already have their remediation signatures, the persistence in their detection suggests that attackers continue to exploit them as many organizations’ systems have not been patched or updated. An example of this is FortiGuard Labs’ recent discovery of a phishing campaign distributing a new variant of the Agent Tesla malware. This well-known malware family uses a remote access trojan and data thief to gain initial access. It is often used by cybercriminals to offer malware as a service (MaaS).
- In 2023, the distribution of malware through Microsoft Office files, such as Excel, Word and PowerPoint, has accounted for nearly 50% of malware detections. Therefore, the implementation of awareness strategies among workers is recommended, as well as the use of controls like Antispam, AntiMalware, EDR, among others, that allow for the effective detection and mitigation of this malicious activity.
- Prometei, malware capable of remotely controlling infected machines, has experienced a notable increase in activity in Latin America during 2023, with Panama and Ecuador being the countries with the highest detected activity. Prometei cannot only spread laterally across networks, steal password credentials nd execute arbitrary commands, but it can also download and execute additional malicious components. Additionally, it has the capability of mining cryptocurrencies and updating itself automatically.
- As in previous periods, the exploitation of Double Pulsar continues to lead the list as the predominant vulnerability in virtually all Latin American countries, representing 75% of all malicious activity detected in the last quarter of 2023. Since this threat has been identified for a long time and has its remediation signatures, this phenomenon underlines the critical need to update systems and apply cybersecurity providers’ recommendations.
- An exponential increase in malicious activities detected in Mexico during the fourth quarter of 2023 was observed, experiencing a remarkable growth of 950% compared to the preceding year. This phenomenon is mainly linked to a notable increase in reconnaissance tactics that actively seek exposed systems using the SIP protocol for internet voice calls, giving remote attackers the possibility to collect sensitive information or even gain access to vulnerable systems.
Disrupting cybercrime requires a comprehensive approach
“In this context, organizations must be more prepared than ever today, including cybersecurity as part of their business strategy. Having a comprehensive platform that converges networks and security, integrated to reduce the complexity of operations and automated with AI to lessen the burden on IT teams, allows for monitoring, detecting and isolating any intrusion attempt before it infiltrates the network and even after it has done so,” the firm stated.