Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs talks with SiliconANGLE's Lisa Martin.
FortiGuard Labs reports major jump in ransomware as criminals use botnets to attack the edge
BY MARK ALBERTSON
The semiannual release of the FortiGuard Labs “Global Threat Landscape Report” is usually a good opportunity to get a temperature reading on the state of cybersecurity. Based on the latest report, released in August, ransomware is boiling hot.
Threat intelligence from the first half of 2021 showed a tenfold increase in ransomware attacks, with noticeable growth in both volume and sophistication. The prevalence of botnet detections jumped from 35% to 51% in just six months, according to the report, with a broadening of the attack surface to include new vertical industries.
“Now it’s built into this monster, almost an 11x increase from what we saw last December,” said Derek Manky (pictured), chief of security insights and global threat alliances at Fortinet Inc.’s FortiGuard Labs. “What is fueling this is new verticals that cybercriminals are targeting. Telecommunications and government have been in positions one and two. New verticals that have risen up are managed service providers, following the Kaseya attack, as well as operational technology.”
Manky spoke with Lisa Martin, host of SiliconANGLE Media’s livestreaming video studio theCUBE. They discussed continued prevalence of the Mirai botnet and recent progress through collaborative efforts to take down criminal operations. (* Disclosure below.)
Botnets fuel attacks
Kaseya Ltd., an IT platform used by managed service providers, incurred an attack earlier this year that pushed out copies of REvil ransomware to downstream customers. Threat actors are targeting supply chain players and then leveraging powerful botnets to exploit vulnerabilities in internet of things devices to increase the scale.
Hackers have managed to create several more powerful variants of the Mirai botnet, malware that turns networked devices running Linux into remotely controlled bots.
“Mirai is an IoT botnet, so it sits on devices, inside consumer networks or home networks, and that can be a big problem,” Manky said. “What we reported in the first half of 2021 is that Mirai is number one by far. It was the most prevalent botnet we have seen.”
Despite the chilling news in the FortiGuard Labs report, there has been progress on other fronts. A collaborative effort between the U.S. and several other countries resulted in a takedown of the EMOTET cybercrime service in January. EMOTET had been a prolific distributor of malware and ransomware attacks.
“Immediately after that takedown, it dropped to half the activity it had before. And it’s been consistently staying at that low watermark,” Manky said. “That’s good news, because it shows that the coordinated efforts with law enforcement and partners to take down these are hitting their supply chain where it hurts. There is still a lot of work to be done.”
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CUBE Conversations 2021 | Palo Alto. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For CUBE Conversations 2021 | Palo Alto
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for CUBE Conversations 2021 | Palo Alto.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CUBE Conversations 2021 | Palo Alto. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to CUBE Conversations 2021 | Palo Alto
Please sign in with LinkedIn to continue to CUBE Conversations 2021 | Palo Alto. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Derek Manky, Fortinet | CUBEConversation
Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs talks with SiliconANGLE's Lisa Martin.
FortiGuard Labs reports major jump in ransomware as criminals use botnets to attack the edge
BY MARK ALBERTSON
The semiannual release of the FortiGuard Labs “Global Threat Landscape Report” is usually a good opportunity to get a temperature reading on the state of cybersecurity. Based on the latest report, released in August, ransomware is boiling hot.
Threat intelligence from the first half of 2021 showed a tenfold increase in ransomware attacks, with noticeable growth in both volume and sophistication. The prevalence of botnet detections jumped from 35% to 51% in just six months, according to the report, with a broadening of the attack surface to include new vertical industries.
“Now it’s built into this monster, almost an 11x increase from what we saw last December,” said Derek Manky (pictured), chief of security insights and global threat alliances at Fortinet Inc.’s FortiGuard Labs. “What is fueling this is new verticals that cybercriminals are targeting. Telecommunications and government have been in positions one and two. New verticals that have risen up are managed service providers, following the Kaseya attack, as well as operational technology.”
Manky spoke with Lisa Martin, host of SiliconANGLE Media’s livestreaming video studio theCUBE. They discussed continued prevalence of the Mirai botnet and recent progress through collaborative efforts to take down criminal operations. (* Disclosure below.)
Botnets fuel attacks
Kaseya Ltd., an IT platform used by managed service providers, incurred an attack earlier this year that pushed out copies of REvil ransomware to downstream customers. Threat actors are targeting supply chain players and then leveraging powerful botnets to exploit vulnerabilities in internet of things devices to increase the scale.
Hackers have managed to create several more powerful variants of the Mirai botnet, malware that turns networked devices running Linux into remotely controlled bots.
“Mirai is an IoT botnet, so it sits on devices, inside consumer networks or home networks, and that can be a big problem,” Manky said. “What we reported in the first half of 2021 is that Mirai is number one by far. It was the most prevalent botnet we have seen.”
Despite the chilling news in the FortiGuard Labs report, there has been progress on other fronts. A collaborative effort between the U.S. and several other countries resulted in a takedown of the EMOTET cybercrime service in January. EMOTET had been a prolific distributor of malware and ransomware attacks.
“Immediately after that takedown, it dropped to half the activity it had before. And it’s been consistently staying at that low watermark,” Manky said. “That’s good news, because it shows that the coordinated efforts with law enforcement and partners to take down these are hitting their supply chain where it hurts. There is still a lot of work to be done.”
