Fortinet Reveals Accelerated Exploitation of New Industry Vulnerabilities in 2H 2023

Fortinet, a leading cybersecurity company driving the integration of networking and security, has unveiled alarming trends in its latest semi-annual report, the FortiGuard Labs 2H 2023 Global Threat Landscape Report. This report sheds light on the increasing speed at which cybercriminals are exploiting newly identified vulnerabilities within the cybersecurity industry, indicating a 43% faster exploitation rate compared to the first half of 2023.

Derek Manky, Chief Security Strategist & Global VP Threat Intelligence at FortiGuard Labs, emphasized the shared responsibility of both vendors and customers in addressing this threat landscape. Manky stressed the need for vendors to enhance security measures throughout the product development lifecycle and adhere to transparent vulnerability disclosure practices. He also highlighted the importance of customers maintaining rigorous patch management processes to mitigate the risk of exploitation.

The key findings from the second half of 2023 include:

• Accelerated Exploitation of New Vulnerabilities: Cyber attackers initiated attacks on average within 4.76 days of the public disclosure of new exploits, marking a significant increase in speed compared to previous periods. This underscores the urgency for vendors to prioritize internal vulnerability discovery and patch development to mitigate instances of 0-Day vulnerabilities.
• Persistence of Unpatched Vulnerabilities: Despite efforts to address newly identified vulnerabilities, Fortinet telemetry revealed that a significant portion of organizations detected exploits targeting vulnerabilities that have existed for over 15 years. This highlights the ongoing need for organizations to maintain vigilant patching practices and leverage guidance from industry organizations to enhance network security.
• Focused Ransomware Attacks: While overall ransomware detections decreased, targeted ransomware and wiper activities surged in specific sectors, including energy, healthcare, manufacturing, transportation, logistics, and automotive industries.
• Botnet Resilience: Botnets demonstrated remarkable resilience, with an average of 85 days passing before command and control communications ceased following detection. The emergence of new botnets further underscores the evolving nature of cyber threats.
• Activity of Advanced Persistent Threat (APT) Groups: A significant number of APT groups, including Lazarus Group, Kimusky, APT28, and APT29, remained active during the second half of 2023, signaling ongoing threats from sophisticated adversaries.

In addition to these findings, the report provides insights into the discourse among threat actors on dark web forums, highlighting the industries most frequently targeted and the prevalence of data breaches and vulnerabilities discussed.

Fortinet emphasizes the importance of collaboration and transparency in combating cybercrime, advocating for industry-wide initiatives to enhance cyber resilience. Through ongoing innovation and collaboration with stakeholders across various sectors, Fortinet aims to empower organizations to effectively defend against evolving cyber threats.