Preparing your customers for today’s threat landscape

Sean Campbell, Director Canadian Channels, Fortinet

Among the many reasons 2021 won’t end up on a list of favourite years, the rise in cyberattacks is undoubtedly near the top. Sobering insights from FortiGuard Lab’s recent Global Threat Landscape Report reemphasize that attacks against individuals, organizations, and critical infrastructure are on the rise. Ransomware attacks, for example, increased a staggering 1070% between July 2020 and July 2021, targeting small businesses and corporate networks alike. 

The telecommunications sector, government agencies, managed security service providers, and automotive and manufacturing sectors were the heaviest hit. If your clients fall into any of these categories, chances are they’ve already been a target. But that doesn’t mean others can let down their guard. As attacks and attackers continue to multiply, no one is safe. 

As a provider, you are in a position to deliver exceptional value to your customers by helping them come to grips with today’s changing threat landscape by accelerating the adoption of the products, services, behaviours, and policies that will ensure their readiness. 

Ransomware on the rise

Research from Fortinet’s 2021 Global State of Ransomware Report found that 76% of respondents are very or extremely concerned about the threat of a ransomware attack. And the risk of losing data tops their list of concerns (62%). Recent high-profile cases include the Colonial Pipeline attack that disrupted oil and gasoline distribution across the United States’ East Coast region and the JBS Foods attack that led to concerns about a global meat shortage have helped fuel those concerns.

Cybercriminals are now increasing the pressure on ransomware victims to pay up. A new trend is to add extortion to their attacks by doxing (the threat of publicly exposing internal data) or threatening to contact a victim’s customers. They’ve even been known to add DDoS attacks to sow confusion and panic or sell the names of compromised companies to other attackers on the dark web. 

Attackers widen the net

In addition to ratcheting up the pressure on victims, attackers are finding new ways to deliver their malware. Phishing, malvertising, scareware, and other social engineering tactics are commonly used to trick users into inadvertently downloading malicious software or give up confidential information. These types of attacks are particularly high-risk for users working from home on personal devices that might connect to corporate networks. 

Attackers’ approaches also often take advantage of current trends. Recent examples include impersonating legitimate organizations, such as the World Health Organization. Attackers prey on people’s fear by offering fake updates from “official” sources, discounted personal protective gear, and even promising access to vaccines. 

Fortinet’s FortiGuard Labs has also found that detected malware are also increasingly able to evade defenses,  escalate privileges, and then move laterally across internal systems undetected to exfiltrate data, install back doors, and deliver malicious payloads.

Helping customers shore up defenses 

As new COVID-19 variants emerge and return-to-office plans are put on hold, organizations must proactively secure their networks, especially their work-from-anywhere (WFA) employees, against malicious attacks. But achieving this requires a modern approach to network security that combines advanced technologies, end-user training, implementation of best practices, and participating in the global effort to combat cybercrime through active threat sharing.  

Through cooperation and collaboration, organizations can access better data, gain valuable perspectives, and leverage the experience of others to formulate better preventions and responses to intrusions. Partnering with law enforcement agencies at home and abroad, for example, can help improve the chances of thwarting cybercrime groups that operate without regard for international borders. Public and private organizations can take a more proactive approach by reporting and sharing intelligence, making the cybercriminal’s job much harder while lowering the cost and risk for everyone else. 

Protecting the home front 

Taking an always-on approach to network security is one-way customers can ensure they are ready for new threats. Organizations that prioritize real-time endpoint protection, detection, and automated response solutions for their remote workers will find it easier to identify, alert on, and block intrusions across their ever-expanding network edges. 

Every organization can also benefit from a zero-trust access approach paired with network segmentation and encryption. A security fabric platform that integrates these technologies will help limit access to information, applications, and devices through strong authentication and access controls tied to defined roles and responsibilities. But to achieve this, security tools need to be more intelligent as well as fully integrated. And according to Fortinet’s Ransomware Survey, there is a consensus on this point, as nearly all respondents viewed combining threat intelligence with integrated security solutions or platforms as critical to preventing ransomware attacks. In fact, 41% of respondents identified it as extremely Important.

With the ferocity and velocity of attacks increasing, response times need to increase as well. Automated threat detection and AI are essential tools for real-time response to attacks—or better yet, to mitigate attacks with behavior-based detection and response capabilities through network-wide user and entity behavior analytics.

Having law enforcement and governments work hand in hand with public and private organizations to combat cybercrime is an essential step in the right direction. But it’s still prudent to take a proactive approach. Channel partners can deliver real value to their customers with solutions that offer real-time endpoint protection, zero-trust access, network segmentation, and automated response solutions powered by AI. With such advanced technologies in place, your customers are better equipped to address attacks in real-time and take a stronger stand against the growing risk of cyber threats.