Quarterly Fortinet report: cybercriminals are hitting medium-sized companies

Fortinet presented the results of the latest quarterly cyberthreats survey. The global IT threat report is a review which is a summary of analytical data collected by FortiGuard Labs laboratories in the third quarter of 2017. It shows that automated large-scale attacks are becoming the norm, ransomware activity is becoming more and more common and almost 80% of organizations have experienced a serious security breach in the last three months.

The most important conclusions from the study

Increased attacks. 79% of companies reported serious attacks in the third quarter of 2017.

Detected 5,973 unique exploits, 14,904 unique malware variants from 2,646 different families and 245 unique botnets. The most popular in the last quarter was the exploit used to attack the American company Equifax - more than 6,000 cases of its use were detected. In addition, Fortinet has already identified 185 zero-day threats this year.

Medium companies in the viewfinder. Medium-sized companies reported a higher rate of botnet activity, which indicates something more than their "statistical share" in the number of cases of security breaches.

Ransomware is still common. After the break in the first half of the year, he reminded himself of Locky ransomware - largely thanks to three new campaigns, which was reported by around 10% of companies. In addition, 22% of organizations have experienced ransomware activity during the last quarter.

The re-emergence of botnets. Many organizations have repeatedly experienced the same botnet infections. This is alarming because either the organizations were not fully understood of the overall scope of the violation and the botnet reactivated again after the company's activity returned to normal, or the main cause was not found and the organizations were again infected with the same malware.

Widespread and elusive malware. The most common function of the most popular malware families was downloading and sending malicious code and infecting it with new systems. Destructive strains were also popular that establish remote access connections, capture user input, and collect system information. These advanced techniques have recently become the standard, which indicates the increasingly intelligent and automated nature of malware.



Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.