Daily News Cyber Crime & Forensic Device & IoT Threat Detection & Defense

Takeaways From Fortinet Accelerate 2024: The New Face of Cybercrime – Why Collaboration is Critical

Bailey Martin June 24, 2024

3 minutes read

‘Fortifying Networks’… Push the two words together and you get ‘Fortinet’, which highlights this company’s beginnings in the cybersecurity industry. Gaining major success with its FortiGate Firewall, the company became renowned for protecting networks and digital assets. Since their start in 2000, the company saw fit to continuously expand its horizons and increase its portfolio to meet the ever-evolving threats of cyber attacks. Their new horizons were emphasised at their Fortinet Accelerate 2024 Media Briefing in Kuala Lumpur at the Hilton, where Senior Director for SEA and HK, Peerapong (Pete) Jongvibool, shared some useful insight about developments in cyber threats both in Asia and globally. In a nutshell, public and private groups should start openly sharing and discussing vulnerabilities to maximise awareness, because you can be sure that cybercriminals are now unified, working together, and sharing resources to capitalise on these vulnerabilities. Long story short, the quicker these vulnerabilities are shared among each other, the quicker they can get fixed. Let’s break this down further…

From Mass Attacks to Targeted Tactics Fortinet

Before covering more obvious cybercrime developments, such as the weaponisation of Artificial Intelligence (AI) (don’t worry, we will get to this part), let’s first discuss the changes in how the bad actors themselves now operate. Rashish Pandey, Fortinet’s Senior VP for Marketing and Communications in Asia, was based in Singapore for the duration of the event but took time out of his schedule to speak virtually and elaborate on these behavioural changes. He warned that cybercrime was becoming more organised. Although there was a marked drop of 70% in ransomware detections in the 2^nd half of 2023, it was possibly due to the uptick in more targeted attacks on industrial and OT sectors. Instead of randomised ‘Spray & Pray’ attacks, FortiGuard Labs noted more focused and planned ‘Advanced Persistent Threat Groups (APT)’ coming in waves to attack vulnerable companies, like digital guerilla tactics so to speak. So, with this instance alone companies should remain aware that cyber threats are not going away, they are just changing and becoming more focused on finding vulnerable companies.

Peerapong (Pete) Jongvibool, Vice President for Southeast Asia and Hong Kong, Fortinet

Let’s move our attention to these ‘vulnerabilities’ mentioned. After all, these are what cyber attackers are acting on. According to Fortinet’s own reports, simple issues like patching and updating have been a cause for major threats last year. Fortinet’s figures showed that 98% of organisations detected exploits that were as old as 5 years. Some were as old as 15 years! What’s more is that in the 1^st half of 2023, Common Vulnerabilities & Exposures (CVEs) were likely to be exploited within 8 days of being publicly disclosed. Compare that to the 2^nd Half of 2023 where that timeframe was almost cut in half down to 4.75 days. This is where both Pete and Rashish emphasised the importance of stakeholders to encourage transparency from vendors about vulnerabilities. In the public sectors globally and in Asia, we can see more ‘Cyber-bills’ and legislature encouraging the open sharing of resources to defend against cyber threats. It is the hope of those at Fortinet and other vendors that transparency is not met with criticism but with quick reaction from stakeholders and other groups to take a shared precaution against these threats.

Cybercriminals Up Their Game

Now let’s talk about how the bad actors are using AI. If you want to know which groups of people are consistently experts on utilising AI, cybercriminals are definitely high on that list. The truth may be unsettling, but it’s the reality. According to the World Economic Forum: Current Risk Landscape 2024, 56% of perceived risk was around AI-generated misinformation and disinformation. Take the vulnerabilities discovered, the increase in collaboration from cyber attackers, and now factor in their use of AI to speedily search for companies with vulnerabilities to home in on the ‘weakest in the flock’, the weakest, in this case, being the companies who are unaware of their need to patch or update their systems. Suddenly it’s a bit more comprehensible as to how APT groups can focus their attempts on a concentrated pool or vulnerable companies. This is just one way AI is used. Rashish Pandey had also warned against Generative Profiling attacks. With the use of AI, now multitudes of false deepfake profiles can be created via voice, name, facial features, etc., at a rate larger than ever before. These deepfake attacks go beyond emails to phone calls, voicemails, and video calls. Perhaps some readers may recall the story of the poor finance worker in HK who was scammed into paying HK$200 million of her company’s funds to a scamming group using deepfake AI to impersonate her superiors.

Just as these cyber attackers are upping their game to detect the weakest groups among us, so must we up our game, by encouraging transparency between trusted groups, using AI of our own to detect these threats incoming at a faster rate, and fixing ourselves what AI cannot, which would be our outdated networks and systems that require patching. So, from CSA, a big thank you to Fortinet’s own Peerapong Jongvibool and Rashish Pandey for doing their part in spreading the importance of transparency and shared precaution when it comes to cyber threats.