2019’s Top Security Threats

As the scale, scope and sophistication of cyber crime evolve faster than ever before, reliable threat intelligence is at a premium.

Here at Fortinet, we’re lucky to have one of the most complete perspectives on threat, thanks to the data gathered by more than 4.2 million devices running FortiGuard and our expert researchers at FortiGuard Labs.

Responsible for keeping FortiGuard updated against breaking threats, FortiGuard Labs’ 200 security experts and analysts use world-class machine learning tools to analyse more than one hundred billion security threats each day.

While these insights are always shared with subscribers via the FortiGuard portal and our regular reports, as the year comes to a close we’ve summarised some of 2018’s key trends below to help you plan your 2019 strategy.

Attacks get smart: Hivenets and Next-Gen Morphic Malware

Without a doubt, the integration of automation and machine learning into cyber attacks poses one of the most serious threats for businesses going forward.

Combining advances in AI and the rapid proliferation of poorly-protected connected devices seen in the last few years, ‘hivenets’ of ‘swarmbots’ will become a dominant threat in the near future. With the addition of swarm intelligence to identify and coordinate ideal attacks, global IoT-based threats like Mirai have the potential to become exponentially more damaging.

Algorithmically-generated polymorphic malware has posed a (predominantly volume-based) threat for decades. In 2017, FortiGuard Labs recorded more than 62 million instances of malware, across 17,000 varieties.

Next-gen polymorphic malware will challenge traditional security firewalls designed to counter the sheer number of unsophisticated threats, as it uses machine learning to map out the networks of attack targets and conducts automated virtual penetration testing to deploy code with a higher chance of success.

Together, these threats require a more reactive security setup that can manage broader attack surfaces (including cloud applications and IoT devices) and respond dynamically in real time.

A single, collaborative system is required to respond intelligently to threats wherever they arise: organisations relying on traditional perimeter defences won’t be able to keep up with the speed and flexibility of tomorrow’s attacks.

Gartner recently recognised Fortinet, whose automation allows you to effectively meet threats at scale, as a leader in its 2018 Enterprise Network Firewalls Magic Quadrant.

Attackers will target what matters

It’s not just the methods of attack which are set to evolve over the next few years: we predict that cyber criminals are going to seriously pursue higher value targets, including critical infrastructure and major cloud providers.

Just as the cloud’s distributed computing can provide fantastic economies of scale for businesses, so too does it present a huge potential payday for cyber criminals.

Successfully compromising a cloud application, data host or DNS service provider with ransomware could put a halt to the operations of hundreds of businesses in a second.

For criminals, the opportunity lies in the massive potential attack surface of cloud services, which might be exploited by multi-vector attacks.

Similarly, as the systems supporting high-value infrastructure, such as energy, healthcare and water, are brought online to drive operational efficiency and meet the experience demands of staff and consumers alike, more cybercriminals will be inspired to target them.

Worryingly, many of these systems weren’t built with security in mind, as it was assumed they could remain air-gapped, beyond the reach of the vast majority of criminals.

To minimise the potential of these threats, organisations need to go beyond just adding extra security to their existing systems – these threats require a fundamental shift.

Organic network structures which make attacks difficult to quarantine (particularly those that facilitate the east-west spread of infection) need to be replaced with a more intentional architecture, with security built into the fabric of the foundation.

Fortinet Security Fabric, including our award-winning FortiGate firewall, is continually updated and informed by the threat intelligence produced by FortiGuard Labs’ army of expert researchers and analysts.

Their cutting-edge research and development has led to the discovery of 600 zero-day exploits and more than 500 patents, underlining Fortinet’s position as a world leader in enterprise security.