![Page 1: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/1.jpg)
1
Threat Landscape Report Q2
Dennis Ladefoged – SE
DennisLadefoged
![Page 2: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/2.jpg)
Company OverviewWho are we and what is FortiGuard?
Q2 2019 Key FindingsBy the numbers, Bluekeep, IOT, Ransomware & Fortnite
Key TakeawaysWhat to keep on the lookout for
Fortinet Security FabricBroad, Integrated & Automated
Wrapping upQuestions
Agenda
![Page 3: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/3.jpg)
5,800+
EMPLOYEES WORLDWIDE
110+OFFICESACROSSTHE GLOBE
467PATENTS291 INPROCESS
ISSUED
4.6mSHIPPEDSECURITYDEVICES
340KCUSTOMERS
$1.8bnREVENUE
IN EXCESS OF
$1.5bnIN CASH
19%YEAR ON YEARGROWTH
2000BY KEN XIE
FOUNDED IN
HEADQUARTERED INSUNNYVALECALIFORNIA
Company Overview
![Page 4: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/4.jpg)
4
Gartner Magic Quadrant for Enterprise Network Firewalls, Adam Hills, Jeremy D’Hoinne, Rajpreet Kaur, 4, October 2018
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability orfitness for a particular purpose.
Fortinet Once Again Recognized as a Leader in this Magic Quadrant
Gartner’s Magic Quadrant for Enterprise Network Firewalls
![Page 5: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/5.jpg)
5
FortiGuard Labs – Threat Intelligence
8 dedicated labs
Sunnyvale Vancouver Ottawa France Singapore Taiwan TokyoKuala Lumpur
250+researchers & analysts
480,000research hours
per year
31countries
Research
Development
Innovation100 Billionsecurity events a day
Presence inResponse
Outreach
Education
![Page 6: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/6.jpg)
6
FortiGuard Labs – Numbers
![Page 7: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/7.jpg)
7
FortiGuard Threat Intelligence Partnerships
CISCP & NCCIC
![Page 8: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/8.jpg)
8
Threat Landscape Index
Closed out Q2 with highest peak in 1-year
4%
![Page 9: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/9.jpg)
9
Q2 Threat Landscape 2019 – by the numbers§ Exploits § 184 billion exploit detections § 1.8 billion average daily volume § 6,298 unique exploit detections § 69% of firms saw severe exploits
§ Malware § 62 million malware detections § 677,000 average daily volume § 16,582 variants in 2,534 families § 18% of firms saw mobile malware
§ Botnets § 2.9 billion botnet detections § 32 million average daily volume § 243 unique botnets detected § 993 daily communications per firm
§ Phishing§ Email remains the #1 attack vector§ 92.4% of malware are delivered via email§ 49% of malware was installed via email § 16,582 Unique malware variants in Q2
![Page 10: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/10.jpg)
10
The Rise Of BlueKeep
§ Allows an unauthenticated user to connect.
§ BlueKeep is “wormable” and allows malware to spread. - in the same manner as the notorious WannaCry ransomware in 2017!
§ The end of Q2 2019, internet scans showed there were more than 800,000 unpatched systems with RDP services exposed to the internet.
![Page 11: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/11.jpg)
11
Probing The Grid
§ We have seen scans of dozens of U.S. power grids and the oil and gas industry. Schneider Electric SCADA controllers as target.
§ 1% of organizations increase, is much higher than we typically see for Schneider’s (and othermanufacturers’) ICS or SCADA products.
§ From industrial controllers to Smart home systems.
![Page 12: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/12.jpg)
12
Upping Threat-Detection MeasuresRogue macro in the Japanese spam campaign
Designed to look for certain Excel-specificvariables at multiple points during execution. Ensuring it was running within an Office Excel environment and not in an emulator
§ Only run on Japanese systems§ xlDate variable?§ Disabling security tools§ Executing commands§ Causing memory problems
One Excel property that it looked for in particular—xlDate variable—was something that we haven’t observed before in other malware!
![Page 13: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/13.jpg)
13
Ransomware In Overall Decline
§ Declining in Overall Volume but More Targeted
§ Cybercriminals focusing on organizations that can pay
» Network breached then considerable reconnaissance before deploying ransomware
§ To pay or not to pay?
![Page 14: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/14.jpg)
14
CryptoJacking
§ In a decline since CoinHive shutdown§ 59% had detected attacks at some point1
§ 80% occurred in the last 6 months1
§ 38% believe they have never been subjected to such an attack1
Notes/Sources:1. 2018 OnePoll & Citrix
![Page 15: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/15.jpg)
15
Fortinet protects Fortnite
§ Malware disguised as aimbot hack§ Game malware and ransomware
combined§ Up to 250 million Fortnite players§ IPS Signature:
![Page 16: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/16.jpg)
16
Key Q2 2019 Findings
MORE ENCYPTED RECORDS
EDUCATION HIGH RISK
OLDIES BUTGOODIES
WEEKENDWARRIORS
SLOW PATCHING FUELS
RANSOMWARE
THAT’S SUCHA DOWNER
NOTHING BUTBOTNETS
WHEN SHARINGISN’T CARING
90% 3 years
or older! 44%57% HTTPS
3% had more than 10 unique botnets
7-9 times as
many botnets
![Page 17: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/17.jpg)
17
Fortinet Security Fabric
Open Ecosystem
NetworkSecurity
Network Security
Device, Access, and Application Security
Multi-Cloud Security
NetworkOperations
Security Operations
Multi-CloudSecurity
Endpoint/DeviceProtection
SecureAccess
ApplicationSecurity
FabricAPIs
FabricConnectors
SecurityOperations
INTEGRATEDAI-driven breach prevention across devices, networks, and applications
AUTOMATEDOperations, orchestration, and response
BROADVisibility of the entire digital attack surface
![Page 18: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/18.jpg)
18
FortiGate
FortiManager
FortiGuard Labs
Manage External Risks
Powerful security
Prevent sophisticated Cyber attacks
Remove Blind Spots
Full visibilityGartner estimates that by
2019 80% of enterprise trafficwill be encrypted
Internal SegmentationProtect your network - enable
L7 security between segments
Reduce Complexity
Consolidate point products
Improving security posture
12
3
Fortinet Security Fabric - Fortigate
Security Operations
FortiManager
![Page 19: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/19.jpg)
19
FortiManager
FortiGuard Labs
Breach protection
External and Internal threats
Early WarningRedirect attacks, analyze and
respond
Ease Of Use
Wizard-based provisioningand deployment
Fabric IntegrationActionable visibility
Automation
12
Fortinet Security Fabric - FortiDeceptor
FortDeceptor
![Page 20: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/20.jpg)
20
FortiManager
FortiGuard Labs
FortiClient
Managed Endpoint SecurityFabric Integration
Integrated VPN ClientCloud/On-prem sandbox
FortiNAC
Multivendor”Easier NAC”
Scalability
If you can´t see it, you can´t control it
1
2
Fortinet Security Fabric - NAC & Client
FortiClient
FortiNAC
![Page 21: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/21.jpg)
21
FABRIC READY (API) FABRIC ORCHESTRATION
NetworkOperations
NetworkSecurity
OpenAPI
FabricConnectors
Open Ecosystem
And many more….
![Page 22: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/22.jpg)
22
Key Takeaways
STOP KNOWN THREATS
DETECT NEW THREATS
ACTIONABLE INTELLIGENCE
DESIGN FOR THE UNEXPECTED
PATCH AND UPDATE
BACK UP SYSTEMS AND DATA
![Page 23: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/23.jpg)
https://threatmap.fortiguard.com/
FortiGuard Weekly NewsletterCustomer sign up link: http://demand.fortinet.com/FortiGuard
Weekly deliveredTargeted to technical security operations/CISO/IT manager Free of charge
![Page 24: Threat Landscape Report Q2 - Kompetera A/S · Fortinet Security Fabric Broad, Integrated & Automated Wrapping up Questions Agenda. 5,800+ EMPLOYEES WORLDWIDE 110+ OFFICES ACROSS THE](https://reader033.vdocuments.mx/reader033/viewer/2022060900/609e09ac5ca4ca76ee7c3aad/html5/thumbnails/24.jpg)
Tak for jeres tidSpørgsmål?