Threat Management

SC In Focus: More ransomware… and more arrests!

In the latest installment of SC Media's In Focus video series, Adrian Sanabria and Derek Manky discuss the findings from FortiGuard Labs' latest installment of their bi-annual Global Threat Landscape Report.

Compared to last year, rates of ransomware incidents have increased an order of magnitude: 10.7x! While telecoms and government organizations are still near the top of the target list, there's a marked rise in attacks against MSSPs, manufacturing, and OT (operational technology) environments.

However, while we've seen more organizations than ever get hit with ransoms, we've seen more cybercriminal arrests than ever. It's rare to see more than one major arrest or disruption of a major cybercrime group in a given year. So far, in 2021, we've seen arrests and/or disruptions to Emotet, Trickbot, Netwalker, Egregor, and more.

While email-based attacks are still common, there has been a shift toward more web-based attacks. Campaigns recalling the "your system is infected" fake antivirus attacks of a decade ago have made a resurgence. Email attacks have shifted away from COVID-19 themes back to tried-and-true HR and technical support scams.

Finally, we discuss some groundbreaking work FortiGuard Labs is doing with MITRE. While MITRE ATT&CK maintains an encyclopedia of techniques used by attackers, this research produces a heatmap, focusing on the ones used by attackers the most. This is hugely helpful, as defenders can prioritize their efforts in blocking the techniques most valuable to the attackers.

Some of the hottest techniques included:

  1. defense evasion
  2. privilege escalation
  3. lateral movement through removable media

Learn more by watching this video, or visit Fortinet's Blog at

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.