CDSA

This is cyber “threats report season” and, when it comes to cybersecurity threats, “the world’s never getting better,” according to Brook Chelmo, director of product marketing at Fortinet.

“It just seems” that the time to detect and repair “the number of unique ransomware strains [and] malware, these all seem to rise,” he said March 29, during the webinar “A Visionary Approach to Cybersecurity.”

He pointed to a chart showing that monthly volume of detections per month ranges between 360,000 and 420,000, which he said is “three times higher than the monthly average in 2021.”

That is a clear sign, he said, that “ransomware for some reason, never seems to plateau; it just keeps getting bigger.”

From his experience with ransomware crews, he noted, “they would start doing credential theft, they would start doing other things” during the course of the year “but they would always do ransomware on the side if they didn’t focus on it 100 percent because it was a way to fund themselves [in a] kind of a more  consistent way.”

Pointing again to the chart, he said individual detections per week were also on the rise, adding: “I don’t need to really sell you on the pain here. But we all feel we’re all worried about it.”

There are also “other concerns too that go beyond ransomware,” he said, pointing to business email compromise” as one big example.

“We’re also seeing huge shifts in the market,” he told viewers, noting North Korea has “really cornered the market” when it comes to ransomware attacks and “hitting crypto exchanges to really fund their weapons programs.”

Meanwhile, “since even before the invasion of Ukraine by Russia, starting in October of 2021 is when Russia really began to ramp up their ability to do cyber attacks, not only just against Ukraine, but also against the United States, Germany and other allies and other NATO members,” he said.

Data showed that, in the last half of 2022, 75% of all ransomware strains were “all coming out of Russia,” he added. “Many of them [are] private because they can work without impunity. And, as a result, they start to copy the North Korea playbook for trying to fund the programs that they need to fund internally.”

Cody Johnson, senior threat analyst for Fortinet’s FortiResponder Managed Detection and Response (MDR) service, then went deeper into some of the data. “Cody gets to see the ugly side of IP security on a daily basis,” Chelmo said while introducing him.

David Finger, VP, products and solutions at Fortinet, later explored some of the challenges in the sector, pointing to the trend of data always growing and being everywhere as one example. Meanwhile, there is greater consolidation among vendors, he noted.

Fortinet’s strength in endpoint protection was then explored.