目前位置: 新聞總覽 -> 最新訊息 -> Fortinet: cybercrime surges in 2024 as attackers embrace AI, automation, and exploit kits

2025年08月06日

Fortinet: cybercrime surges in 2024 as attackers embrace AI, automation, and exploit kits

Fortinet has released the 2025 Global Threat Landscape Report, a comprehensive analysis of the active threat landscape and trends from 2024. The report highlights that threat actors are increasingly using automation, commoditised tools, and AI to systematically erode traditional advantages held by defenders.

Automated scanning

Automated scanning has reached record highs as attackers shift left to identify exposed targets early. Cybercriminals are deploying automated scanning at a global scale, with active scanning in cyberspace reaching unprecedented levels in 2024, rising by 16.7 per cent worldwide year over year.

Also read: How Axiado’s tech secures critical data in a quantum world

Darknet marketplaces

Darknet marketplaces fuel easy access to neatly packaged exploit kits. In 2024, cybercriminal forums increasingly operated as sophisticated marketplaces for exploit kits, with over 40,000 new vulnerabilities added to the National Vulnerability Database, a 39 per cent rise from 2023.

Initial access brokers are increasingly offering corporate credentials (20 per cent), RDP access (19 per cent), admin panels (13 per cent), and web shells (12 per cent). FortiGuard Labs observed a 500 per cent increase in logs available from systems compromised by infostealer malware, with 1.7 billion stolen credential records shared in these underground forums.

AI-powered cybercrime

AI-powered cybercrime is scaling rapidly, with threat actors harnessing AI to enhance phishing realism and evading traditional security controls, making cyberattacks more effective and difficult to detect. Tools like FraudGPT, BlackmailerV3, and ElevenLabs are fuelling more scalable, believable, and effective campaigns without the ethical restrictions of publicly available AI tools.

Attacks intensify

Targeted attacks on critical sectors intensify, with adversaries deploying sector-specific exploitations. In 2024, the most targeted sectors were manufacturing (17 per cent), business services (11 per cent), construction (nine per cent), and retail (nine per cent). Both nation-state actors and Ransomware-as-a-Service (RaaS) operators concentrated their efforts on these verticals, with the United States bearing the brunt of attacks (61 per cent).

Credentials are the currency of cybercrime, with cybercriminals sharing over 100 billion compromised records on underground forums, a 42 per cent year-over-year spike, driven largely by the rise of “combo lists” containing stolen usernames, passwords, and email addresses. Well-known groups like BestCombo, BloddyMery, and ValidMail were the most active cybercriminal groups during this time, fuelling a surge in account takeovers, financial fraud, and corporate espionage.

Fortinet’s warning for 2025

“Our latest Global Threat Landscape Report makes one thing clear: Cybercriminals are accelerating their efforts, using AI and automation to operate at unprecedented speed and scale,” said Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet FortiGuard Labs.

source:
https://www.manufacturingtodayindia.com/fortinet-cybercrime-surges-in-2024

標籤 : Phitech, 懇懋科技, Fortinet