Fortinet Releases the 2021 Ransomware Survey Report

Recently, Fortinet released the “2021 Ransomware Survey Report” (hereinafter referred to as the report) based on the results of a ransomware survey conducted on 455 enterprise managers and cyber security decision makers worldwide. The report shows that the global threat posture remained severe in the first half of 2021, with 94% of respondents worried about the threat of ransomware attacks. At the same time, the threat audience, new forms of ransomware and other aspects of the development of the situation is also beyond imagination. Ransomware is raging and the threat is everywhere, but many enterprises are not yet ready, and only a full range of holistic and integrated security solutions can help enterprises face the new cyber threat head-on.

Ransomware may not be what you think it is

Ransomware attacks are pervasive, and fear and anxiety about ransomware have become commonplace. While it’s often only the ransom events of some prominent companies that draw widespread attention, the truth is that ransomware attacks don’t just target large enterprises; SMBs are more vulnerable, with more than 71 percent of ransom attacks in 2018 alone coming specifically against SMBs. The report shows that 94% of respondents are anxious about the threat of a ransomware attack, while 76% of respondents show great or extreme concern, and 85% believe that the threat of ransomware has surpassed other types of cyber attacks.

Whether to pay the ransom or not is an equally big question. The report shows that 96 percent of organizations feel they are at least prepared to deal with the ransomware threat, for example by incorporating defensive measures such as employee training (61 percent), risk assessments (60 percent), offline backups (58 percent) and cybersecurity/ransomware insurance (57 percent) into their response plans for ransomware incidents. However, many organizations do not have a reasonable strategy for dealing with ransom payments, although 72% of respondents claim they have a ransom strategy in place. Interestingly, however, 49% of these choices turned out to be direct ransom payments. It is worth noting that this corporate “ransom strategy” is often ineffective, as the Dark Web does not offer a price out of hand, but rather sets the ransom amount based on the victim organization’s ability to pay, and also has a dedicated person to bargain with those organizations that are unwilling to pay.

At the same time, for how to effectively prevent ransomware attacks, many respondents are a bit “taken for granted”. The report shows that enterprises are vulnerable to ransomware attacks on the weakest link, the most worried about remote workers and their mobile devices. As a result, traditional means such as Web security gateways, VPNs and network access control were selected as the top options for dealing with ransom attacks. And emerging technologies such as Zero Trust Network Access (ZTNA), User and Entity Behavior Analysis (UEBA), sandboxing and SD-WAN, which are smarter and more effective at blocking the lateral movement of ransomware and identifying intruders and ransomware variants more accurately, are not getting the attention they deserve from enterprises.

Ransomware is coming on strong and the threat is everywhere

According to FortiGuardLabs research, 2022 is shaping up to be a big year for cybercrime: a gradual rise in ransomware and a swarm of attackers racing to find new targets. Cyber attacks will continue to spread throughout the digital world, overwhelming IT teams with a future security posture of left-sided attack chains, top-down attack mechanisms and full coverage from the core to the edge.

Fortinet predicts that cybercriminals will be working on the left side of the attack chain in the MITREATT&CK framework, spending more time and effort on reconnaissance and discovery of zero-day vulnerabilities, and using new technologies and extended network environments to launch attacks. At the same time, we will also see a significant increase in the pace of attacks on the right side due to the expansion of the “ransom as a service” market.

At the same time, attacks against satellite network vulnerabilities are likely to emerge over the next year, and new types of threats are already being seen against satellite networks, such as ICARUS – a proof-of-concept DDoS attack that exploits the global accessibility of satellites to launch attacks from multiple locations to launch attacks. And on the smaller end of the scale, digital theft against crypto wallets will continue to increase.

In 2022, attacks are likely to continue to spread from the core to the edge and across the network, with a significant increase in attacks against industrial control (OT) systems in particular. A new report from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) shows that more and more ransomware attacks are targeting critical infrastructure, posing a growing threat to industrial assets and control systems. At the same time, new types of “edge-initiated” attacks continue to emerge, with edge malware hiding at the edge to avoid security detection while monitoring the activity and data of edge devices, and then stealing, hijacking and even extorting applications and information from critical systems.

Fortinet addresses new threats with a full range of holistic and integrated security solutions

Defending against the new ransomware threat requires a holistic, integrated security solution. No matter where they are deployed, single-point security products should be replaced with security appliances that work together to form a unified solution that requires a unified policy for tracking data and transactions throughout to protect every user, device and application. Centralized management also ensures consistent enforcement of policies, timely delivery of configurations and system updates, and centralized collection and correlation of suspicious events that may occur at any node in the network.

Security tools should be selected based on their ability to detect malicious loads before they are delivered, prevent known/unknown threats, and respond to active threats in real time, which most enterprises are still largely unaware of. The most surprising finding in the survey was that few respondents chose an email security gateway, yet more than half of enterprises reported that phishing was the most common method used to compromise their organization. New email security gateways are the first line of defense against ransomware, detecting and disabling malicious attachments and links before they reach users’ inboxes. For example, the Fortinet FortiMail Email Security Gateway is one such “critical line of defense.

FortiGate Next Generation Firewall (NGFW) also provides powerful threat prevention, detection and response capabilities, integrating industry-leading security features such as SSL inspection (including the latest TLS 1.3), Web filtering and Intrusion Prevention System (IPS) to provide comprehensive network protection and visual control.

FortiGateNGFW is also the bearer of Fortinet’s SD-WAN solutions and products, with built-in ZTNA’s access proxy function, providing a zero-trust approach with never-trust, continuous authentication to ensure users’ remote access. It also provides comprehensive traffic visualization and compliance auditing capabilities for all users, applications and devices inside and outside the network, helping organizations and institutions implement consistent security policies across the cloud, edge and end, effectively blocking ransomware attacks and propagation.

In addition, FortiGateNGFW is backed by FortiGuard Labs’ top-tier security intelligence services and integrated with specialized advanced threat detection products FortiSandbox and FortiNDR, which can significantly reduce the risk of ransomware attacks spreading through the network. Not only that, Fortinet offers complete ransomware detection and protection capabilities for WAF, CASB and CWPP family of products and solutions for the security defense of web applications, cloud services and cloud infrastructure.

All of this has been integrated into the FortinetSecurityFabric security architecture system, underpinned by a unified FortiOS base system, with a unified interface for SD-WAN, next-generation firewall (NGFW), advanced routing, and zero-trust network access ( ZTNA) agent and other functions and products management through a unified interface to perform unified configuration and management logic, which is the all-in-one support of FortinetONE WAN Edge (unified WAN edge).

This is the concept and advantage of Fortinet’s security and network convergence and device and system unification. This concept can help users effectively reduce the number of devices, simplify the operation and maintenance management interface, reduce the digital operation cost of enterprises, improve operational efficiency, and enhance the quality of user network experience, while preventing the ubiquitous security risk of ransomware.

Comprehensive coverage, deep integration, dynamic collaboration, as well as high performance and ultra-scalability are essential capabilities for security systems that protect an organization’s business operations. To address evolving and evolving cyber threats, organizations should adopt the SecurityFabric platform based on the Network Security Grid architecture, which Fortinet ransomware security protection solutions not only block ransomware infection paths such as Web sites, email and lateral movement, but also serve as the last line of security for offline hosts or remote office workers’ The Fortinet ransomware security solution not only blocks the infection paths of ransomware such as web sites, emails and lateral movement, but also becomes the last security protection for offline hosts or remote workers’ end devices, providing comprehensive security protection for enterprise users.

华为P50 Pocket(8GB/256GB) 宝盒形态设计,晶钻立体微雕工艺,智慧外屏,120Hz高刷新率内屏

Huawei P50 Pocket (8GB/256GB) Treasure box design, crystal diamond three-dimensional micro-engraving process, intelligent external screen, 120Hz high refresh rate internal screen

[Distributor] Store

[Product Price] RMB 8988

小米12 Pro(8GB/128GB/5G版) 高通骁龙8Gen1处理器,5000万超清三主摄,120W小米澎湃快充

Xiaomi 12 Pro (8GB/128GB/5G version) Qualcomm Snapdragon 8Gen1 processor, 50 million ultra-clear triple main camera, 120W Xiaomi Surge fast charging

[Distributor] Store

[Product Price] 4699 (Pre-sale)

HUAWEI MateBook X Pro 2022款(i5 1155G7/16GB/512GB/集显)

HUAWEI MateBook X Pro 2022 model (i5 1155G7/16GB/512GB/collective display)

40% off with coupon

[Distributor] Store

[Product Price] 9499 (Pre-sale)