Fortinet: Puerto Rico targeted by 2B+ cyberattacks in ’22
Puerto Rico was the target of more than two billion cyberattacks last year, or 105% more than in 2021, according to Fortinet. The provider of automated cybersecurity solutions revealed its latest semi-annual Global Threat Landscape report.
Among the report findings, destructive wiper malware, or malicious software designed to erase data on an infected computer or device, increased by more than 50%. Furthermore, cybercriminals’ supply chains have strengthened in sophistication to counter evolving defenses, according to Fortinet’s threat intelligence lab, FortiGuard Labs.
In August, Fortinet announced that Puerto Rico was the target of 737 million attempted cyberattacks in the first half of the year, an increase of 294% compared with the same period in 2021.
Meanwhile, the Latin American and Caribbean regions suffered over 360 billion attempted cyberattacks in 2022. Mexico was the “most attempted attack” country in the region (187 billion), followed by Brazil (103 billion), Colombia (20 billion) and Peru (15 billion).
“For cyber adversaries, maintaining access and evading detection is no small feat, as cyber defenses continue to advance forward to protect organizations today,” said Derek Manky, chief security strategist and global vice president of threat intelligence at FortiGuard Labs.
“To counter, adversaries are augmenting with more reconnaissance techniques and deploying more sophisticated attack alternatives to enable their destructive attempts with [advanced persistent threat (APT)]-like … methods such as wiper malware or other advanced payloads. To protect against these advanced persistent cybercrime tactics, organizations need to focus on enabling machine learning-driven coordinated and actionable threat intelligence in real time across all security devices to detect suspicious actions and initiate coordinated mitigation across the extended attack surface,” Manky said.
Other highlights of the report include:
- Ransomware threats remain at peak levels with no evidence of slowing down globally with new variants enabled by ransomware-as-a-service (RaaS), or a platform from which other cybercriminals can launch software to block access to a computer system.
- The most prevalent malware was more than a year old and had gone through a large amount of speciation, or variants breaking into different “species” of malware, “highlighting the efficacy and economics of reusing and recycling code.”
- Log4j continues to impact organizations in all regions and industries, most notably across technology, government and education. The open-source software is widely used in software development to record application log messages. A vulnerability was discovered that could allow remote attackers to execute arbitrary code on the affected system and is considered to be one of the most significant cybersecurity threats in recent years.
Wiper malware explosion
Analyzing wiper malware data revealed a trend of cyber adversaries using destructive attack techniques against their targets. It also showed that with the lack of borders on the internet, cyber adversaries can easily scale these types of attacks, which have been largely enabled by the cybercrime-as-a-service (CaaS) model. In early 2022, FortiGuard Labs reported the presence of several new wipers in parallel with the Russia-Ukraine war.
Later in the year, wiper malware expanded into other countries, driving a 53% increase in wiper activity from the third to the fourth quarter alone, Fortinet said.
“Unfortunately, the trajectory of destructive wiper malware does not appear to be slowing,” which means any organization remains a potential target, the company warned.
Financial cybercrimes ‘holding at peak levels’
Meanwhile, FortiGuard Labs Incident Response (IR) engagements found that financially motivated cybercrime resulted in the highest volume of incidents (73.9%), with a distant second attributed to espionage (13%).
In all of 2022, 82% of financially motivated cybercrimes involved the employment of ransomware or malicious scripts, highlighting that the global ransomware threat remains in full force with no evidence of slowing down thanks to the growing popularity of RaaS on the dark web, Fortinet said, adding that ransomware volume increased 16% from the first half of 2022.
Access the latest Global Threat Landscape report here.