The convergence of physical things and cybersecurity is creating an expanded attack surface, one that cybercriminals are increasingly targeting, a new report on the threat landscape revealed.
The Fortinet Threat Landscape Report Q4 2018 showed that half of the top 12 global exploits targeted internet of things (IoT) devices, and four of the top 12 were related to IP-enabled cameras.
“Access to these devices could enable cybercriminals to snoop on private interactions, enact malicious onsite activities, or gain an entry point into cyber systems to launch DDoS or ransomware attacks,” the report noted.
“It is important to be aware of hidden attacks even in devices we use to monitor or provide security,” it added.
This confirms FutureIoT’s earlier reports on the vulnerability of even everyday objects such as connected toys or smart home devices.
Fortinet said that “a security fabric is needed to span the entire networked environment from the IoT endpoint to multi-clouds to integrate each security element to address today’s growing threat environment and to protect the expanding attack surface.”
“This approach enables actionable threat intelligence to be shared at speed and scale, shrinks the necessary windows of detection, and provides the automated remediation required for today’s threats,” the report explained.
Also included in the report is the Fortinet Threat Landscape Index (TLI), comprised of individual indices for three central and complementary aspects of that landscape which are exploits, malware, and botnets, showing prevalence and volume in a given quarter.
According to the Fortinet Threat Landscape Index, the Index hit an all-time high during Q4, which it says is indicative of the constant ebbs and flows of cyberthreat activity.
“While cyber adversary activity overall subsided slightly, the number of exploits per firm grew 10 percent, while unique exploits detected increased 5 percent. At the same time, botnets become more complex and harder to detect,” Fortinet said.
“Time for infection of botnets increased by 15 percent, growing to an average of nearly 12 infection days per firm. As cybercriminals employ automation and machine learning to propagate attacks, security organizations need to do the same to combat these advanced methods,” it added.
