Malware characterized by unpredictable and devastating nature in second half of 2021

Fortinet

In the second half of 2021, Fortinet observed faster and more automated cyber attacks. Sophisticated, unpredictable and devastating are the key words that characterize these attacks.

Fortinet published the FortiGuard Labs Global Threat Landscape Report this week. Fortinet publishes the report every six months, analyzing cyber attacks from the preceding months. The latest report therefore covers the second half of 2021.

“Developments in cybersecurity are occurring at a rapid pace. Recent security incidents show that cybercriminals are developing and executing attacks with unprecedented speed. New attack techniques are targeting all parts of the attack surface. They demonstrate a more sophisticated strategy that is less predictable and has devastating consequences,” said Derek Manky, Chief of Security Insights & Global Threat Alliances at FortiGuard Labs.

Log4j

In December, cybersecurity news was all about Log4j. Consequently, the Apache vulnerability could not be left out of the analysis report.


The vulnerability was heavily exploited, although attack attempts also missed their target at times. Even so, of all cyber attacks in the second half of 2021, attempts to exploit the vulnerability were the ones most often detected by intrusion prevention systems.

Source: Fortinet

Cybercriminals keep trying to exploit vulnerabilities even after they are publicly known, because many companies fail to install patches in a timely manner.

New targets

Furthermore, analysts note a quadrupling of new Linux malware in the fourth quarter of 2021. Log4j is one of the cyber threats that targeted Linux, although an increase in malicious Executable and Linkable Format (ELF) files is also reported.

Linux is a popular target, according to the report, because the operating system is so widely used. It sees heavy use in network back-end systems and in container-based solutions for IoT devices and mission-critical applications.

Specialized botnets

Further analysis showed that botnets were deploying more sophisticated methods of attack. This takes away the predictability of botnets, which used to serve primarily to launch DDoS attacks.


That seems to be a thing of the past now that botnets have mastered sophisticated attack tactics. The cybercriminals behind the botnets adopted exploits of the Log4j vulnerabilities and used a new variant of the RedXOR malware as well as the already known RedLine Stealer malware. The RedLine Stealer malware is hidden in files that supposedly contain information about the coronavirus or a related topic.

Home workers targeted

Working from home continued in the second half of 2021, driven by the omicron variant. Cybercriminals seized the opportunities presented by working from home with both hands. Browser-based malware proved particularly popular. Via phishing, criminals mainly distributed Microsoft Office files, PDF files and browser scripts.

Phishing gives cybercriminals a way into the corporate network, for example to spread malicious code. Ransomware is a possible consequence of phishing and still proved particularly popular in the second half of 2021. In this regard, the sophistication, aggressiveness and impact of ransomware are increasing. Cybercriminals are relying on old ransomware that they are actively improving.