Fortinet Global Threat Landscape Report shows a need for security professionals

SUNNYVALE, Calif. — Research by cybersecurity company Fortinet has found that sophisticated cyberattacks targeting infrastructure and large entities increased in the latter half of 2023.

Fortinet has released its semi-annual Global Threat Landscape Report that examines threats and challenges faced in the cybersecurity field, both physical and existential. “If the growing number of attacks weren’t enough to keep most CISOs awake at night, the cybersecurity domain is simultaneously grappling with the ongoing challenge of attracting and retaining skilled professionals,” Fortinet writes in the report. “The rising demand for qualified cybersecurity experts, coupled with the need for organizations to offer attractive career development opportunities and work environments, continues to highlight the importance of human capital in combating cyberthreats.”

Any new security professionals will need to be at the top of their game as well. Fortinet’s research found that more than 40% of ransomware and wipers targeted the industrial sector, indicating that cybercriminals are focused on OT and the supply chain. Cybercriminals are also executing on their plans faster according to the report. Fortinet said that on average, for new exploits identified, attacks occurred within 4.76 days after discovery, or 43% faster than the prior period.

Most concerning for other sectors of the security industry may be the rise of IoT exploits which target hardware like routers and cameras which Fortinet identified as often being unprotected or underprotected. “Vulnerabilities affecting routers, cameras, and other IoT devices were the focus of several outbreak alerts published by FortiGuard Labs throughout 2023,” the report states.

Other notable statistics from the report include 30,000 new vulnerabilities across all industries published in 2023, a 17% increase from the previous year, and 44% of industrial organizations experiencing ransomware attacks and wiper detections in the second half of 2023. Late 2023 also saw as many as 23 new malware strains, eight mobile malware strains, and 15 Ransomware-as-as-service programs. That said, some vulnerabilities remain unaddressed for years, which Fortinet warns organizations to be cognizant of.

“Keep ‘old’ vulnerabilities on your radar. New exploits and malware can spread far and fast, so if your organization tends to be among the first targeted, it can be only a matter of hours or days before attacks come your way. However, we’ve also seen that many vulnerabilities, even ones that have existed for years, often remain on threat actors’ radar as active targets. Unfortunately, this means you can’t be so focused on safeguarding against new vulnerabilities and attacks that you neglect the old ones. Successful security teams need to protect against the entire exploitation life cycle, and this starts with a proactive patching and updating program.”

You can download a copy of the report online at www.fortinet.com.