Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Few things can shake up the threat landscape as violently as an international conflict. State-sponsored actors and cybercriminals on both sides of the Russia-Ukraine cyberwar have an unprecedented opportunity to innovate new malicious tactics and techniques to disrupt the communication of their opponents.
According to Fortinet’s semiannual Global Threat Landscape Report released today, the war in Ukraine has contributed to an uptick in disk-wiping malware. Researchers discovered at least seven new major wiper variants used in targeted campaigns against government, military and private organizations in Ukraine.
The report also found that ransomware variants have grown almost 100% over the past year, from 5,400 to 10,666, as the ransomware-as-a-service economy continues to grow.
While these attacks were mainly used to target entities affiliated with Ukraine, these techniques can also be used internationally. This means enterprises need to prepare to combat malware threats designed to destroy their ability to back up and recover compromised data.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
The reality of the Russia-Ukraine cyberwar
It’s important to note that these new threats aren’t just confined to the Russia-Ukraine geopolitical conflict, but have the potential to be reused for years to come, as cybercriminals attempt to replicate the success of the most devastating tools.
As Paul Proctor, Gartner VP and former chief of research for risk and security at Gartner, noted earlier this year, unlike traditional war, cyberwarfare doesn’t have physical boundaries and warned that, “the broader effects of a heightened threat environment will be felt by organizations worldwide.”
One of the most devastating techniques that’s gained popularity during the conflict is using malware to wipe an organization’s data so it can’t be recovered.
“The war in Ukraine fueled a substantial increase in disk-wiping malware among threats across primarily targeting critical infrastructure,” said Derek Manky, chief security strategist and VP global threat intelligence, Fortinet’s FortiGuard Labs.
“Wiper malware trends reveal a disturbing evolution of more destructive and sophisticated attack techniques continuing with malicious software that destroys data by wiping it clean. This is an indicator that these weaponized payloads are not limited to one target or region, and will be used in other instances, campaigns and targets,” Manky said.
How organizations can avoid becoming collateral damage
Rather than becoming collateral damage to the cyberwar, Fortinet’s report recommends organizations use threat assessments to identify exposures, while securing endpoints against zero-day vulnerabilities and implementing zero-trust network access controls
In addition to this, Manky also recommends that CISOs turn to threat intelligence to gain a deeper understanding of the goals and tactics used by threat actors. This will enable them to better align their defenses and mitigate the latest techniques attackers innovate.
Organizations can also complement these measures with security awareness training, to reduce the likelihood of employees downloading malicious attachments that could infect the environment with one of these new malware strains.