Derek Manky Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs

Derek Manky Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs joined theCUBE's Dave Vellante in a discussion around FortiGuard Lab's report 2H2020 Global Threat Landscape

Just as “flattening the curve” has become the battle cry for communities around the world seeking to combat the spread of COVID-19, the mantra applies to the threat climate for cybersecurity in 2021 as well.

That is one of the conclusions to be drawn from the latest semiannual FortiGuard Labs “Global Threat Landscape report”. Released this week, the findings from Fortinet Inc.’s global threat intelligence operation outline a sobering picture of a digital world under constant attack.

“We’re processing north of 100 billion threat events in just one day,” said Derek Manky (pictured), chief of security insights and global threat alliances at Fortinet’s FortiGuard Labs. “Last year was certainly not normal, and that was not an exception for cybersecurity. Because COVID was so global and dominant, we saw attacks coming in from well over 40 different languages in regions all over the world. That didn’t last for two to three weeks; it lasted for the better part of a year.”

Manky spoke with Dave Vellante, host of SiliconANGLE Media’s livestreaming video studio theCUBE. They discussed how cybercriminals escalated attacks throughout the year, continued disruption of critical operations caused by ransomware, vulnerabilities created by remote work, and steps users can take to guard against future breaches. (* Disclosure below.)

Exploiting weakest link
The FortiGuard Labs report noted that cyber adversaries steadily implemented attacks with increasingly disruptive outcomes. The year culminated with discovery of the significant SolarWinds security supply chain breach, which has impacted major global firms and numerous U.S. government agencies.

“Cybercriminals are always trying to take advantage of the weakest link in the chain,” Manky said. “They didn’t have to innovate too much. They didn’t have to expand and shift to new trends and themes.”

Indeed, FortiGuard Labs found that ransomware, which was first identified as a criminal attack in 1989, continued its onslaught in the second half of 2020. This included the evolution of ransomware as a service, targeting major targets for even bigger ransoms.

“The big shift that we saw last year in our “Threat Landscape Report” was to targeted ransom,” Manky explained. “They’re not just going after random data; they’re going after data that they know is valuable to large organizations. There are various ransomware families we saw that have now reverted to extortion and blackmail.”

Targeting home systems
Another significant vulnerability to emerge in 2020 was the use of home connectivity to target business systems. As the global pandemic closed firewall-protected offices and moved entire companies to a “work-from-anywhere” model, cybercriminals seized the opportunity to exploit home routers and IoT devices with weaker defenses.

Favorite targets included home routers, DVRs, home entertainment systems and even security cameras, according to Manky.

“The amount of target points is expanding,” Manky said. “How do we take any devices on the network and secure them? We really have to treat this as a distributed branch model for enterprise.”

To flatten the curve of vulnerability exploits, FortiGuard Labs recommends keeping security patches up to date for all systems, conducting regular security inspections and using multifactor authentication whenever possible.

“The good news is there’s a lot we can do about this, and basic measures go a long way,” Manky said. “We can’t win this war alone. Everybody has a responsibility.”

Видео Derek Manky Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs канала SiliconANGLE theCUBE