Business & Technology
Organizations today face an unprecedented volume of increasingly sophisticated threats as they conduct online operations. As the potential attack surface expands and attack volumes increase, it is imperative to track the most popular and successful strategies of cybercriminals to stay ahead of their malicious intentions.
The quarterly Fortinet Global Threat Landscape Report gathers the collective intelligence drawn from FortiGuard Labs' large array of sensors deployed in live production environments. The research data in the most recent report focuses on three aspects of the threat landscape: application exploits, malicious software, and botnets. It also examines important zero-day vulnerabilities and infrastructure trends to add context about the trajectory of cyberattacks affecting organizations over time.
What the Data Reveals
Below are the key findings from the latest "Threat Landscape Report" that organizations need to know about in order to prepare for what's ahead.
Application exploits, malicious software, and botnets:
When it comes to the cyber threat landscape, infrastructure statistics offer a powerful overview because strong correlations exist between infrastructure usage and threat frequency. For example, firms that use a lot of peer-to-peer and proxy apps report seven to nine times as many botnets and malware as those that don't use them.
In the fourth quarter of 2017, firms also appear to have used more bandwidth and encrypted more web traffic than ever before, but they are actually visiting fewer sites and using fewer applications. There is also a special interest in keeping tabs on the ratio of HTTPS traffic in the network. It's continuing to trend up.
While helpful for maintaining privacy, higher encryption rates also present challenges to threat monitoring and detection. Inspecting Secure Sockets Layer traffic has a significant impact on the performance of firewalls, which means it can affect the amount of network traffic that is actually being inspected. And organizations — especially those with higher HTTPS ratios — cannot afford to ignore threats that might be lurking within encrypted communications.
Best Practices for Stronger Security
With the volume, velocity, and variety of modern threats increasing, standalone point devices and platforms are rapidly becoming inadequate and ineffective. Organizations need a more unified approach that makes it practical for security teams, large or small, to achieve and maintain a competent security posture.
To protect the network against application exploits, malicious software, botnets, and zero-day vulnerabilities, organizations need to stay abreast of and track popular and successful threats. In addition, automated security measures can help pit swarm against swarm in order to effectively counter and repel an attack.
A unified defense posture can also help companies by detecting known and unknown threats at multiple layers throughout the environment. Growing your capability to detect and sever botnet communications at key choke points in your network is another solid strategy. Additionally, an internal network segmentation strategy will help detect and automatically contain all kinds of threats.
Looking back at data from 2017 reveals that to effectively combat today's ever-evolving threats, you need to break down siloes and bring many security tools together for a collaborative approach that can help you see everything that's coming at your network.
Check out our latest Quarterly Threat Landscape Report for more details about recent threats.
Sign up for our weekly FortiGuard intel briefs or for our FortiGuard Threat Intelligence Service.