Rise of ‘system wipers’ poses new threats to organizations

A new wave of destructive malware capable of wiping out systems, not just data, appears to be gaining significant momentum heading into 2023, according to the latest research from FortiGuard Labs and its chief security strategist, Derek Manky.

The rise of “system wipers” in the second half of 2022 was one of several developments that stood out to Manky in FortiGuard’s most recent survey of organizations about the cyber threats they are encountering. There was a 16% increase in reports of system wipers between the first half and the second half of 2022, he said, but a 53% surge between the third quarter and the fourth quarter, he said in a new interview for CyberScoop.

The number of different types of system wipers is also growing. The FortiGuard Labs research identified 16 types, or families, of system wiper malware being used by hackers. “We only saw maybe one of these the year before. It truly was unprecedented,” he said.

Manky said the latest findings presented both good news and bad news.

“The bad news is, there are close to 200,000 vulnerabilities now that attackers are going after — that’s the entire attack surface. The good news is that we looked at what we call active attack surface — what holes are open in organizations and what attackers are actually going after. And that accounted for only 1% of that 200,000,” he said. That suggests attackers are shifting techniques and becoming more targeted using “weapons of choice.”

Manky also highlighted other momentum-building techniques, including “drive-by-downloads,” where hackers lure users to a website and can quickly compromise a user’s system without interaction.

“We’re also seeing a lot of older threats now that are being retrofitted,” he said, explaining how portions of old code are being recompiled into new code that is then used in new attack techniques.

Manky also discusses the types of threats organizations can expect to see more of in the coming year and how to prepare for them.

Watch the full discussion with Derek Manky and read the full report here.

This video interview was produced by Scoop News Group for CyberScoop and underwritten by Fortinet.