Anthony Giandomenico, senior security strategist and researcher at Fortinet's FortiGuard Labs, wrote in a Nextgov article published Friday that cybersecurity teams at federal agencies should be aware of the emerging attack trends as they map out their security strategies.
The top three trends Giandomenico discussed are the growth of ransomware as a service, the threat posed by EternalBlue and BlueKeep vulnerabilities and the use of old-school tactics by threat actors as agencies focus on anti-phishing campaigns and education programs.
“Ransomware as a service, or RaaS, has lowered the bar for entry for the cybercriminal underworld of operators,“ Giandomenico wrote. “Even without the technical skills required to develop and deploy their own original malware attacks, criminal groups can now rent existing attack services, disseminating malware to their targets in exchange for a cut of the profits.“
He discussed the importance of threat intelligence to agencies as they develop their cyber strategies. “Having threat intelligence is essential to establishing visibility into the efficacy of the overall security posture“”especially at the federal level“”not just for emerging threats, but to engage in security across the entire attack surface,“ Giandomenico noted.