A critical cyberattack has targeted Fortinet security devices, affecting organisations in over 15 countries. As per Reuters, the attack was discovered by cybercrime tracking firm Hudson Rock, which mentioned that nearly 75,000 Fortinet firewall and VPN devices have been exposed. The United States, Taiwan and India were among the countries with the highest number of affected devices. Researchers suggest that hackers stole login details that may help them gain access to company and government networks.
Here’s What Happened
As per the report, Hudson Rock revealed that hackers managed to collect usernames and passwords from Fortinet devices used by businesses, government agencies and other companies across the world. Firewalls and VPNs help protect computer networks and allow employees to securely connect to work systems from various locations. If hackers obtain login credentials, they may be able to enter these networks and access sensitive information. Reportedly, the cybersecurity firm has described the campaign as ‘staggering’ because of its size and the large number of organisations affected.
Notably, Fortinet confirmed that it is aware of a campaign that was aimed at stealing login credentials from its products. Additionally, the company has reportedly mentioned that the hackers were using data collected from earlier incidents and trying large numbers of password combinations to break into accounts. This method is known as ‘brute force’. It involves repeatedly guessing passwords until one works. Fortinet has added that the activity is not linked to any recently discovered security flaw or advisory.
The Reuters report notes that government agencies have also been caught up in the campaign. Around 120 credentials linked to five government organisations in Puerto Rico were found in the stolen data. Cybersecurity researcher Bob Diachenko reportedly first discovered the cyberattack. Diachenko reportedly stated that the hackers used an advanced system to crack passwords. He also found scripts containing instructions written in Russian, suggesting that a Russian-speaking cybercrime group could be behind the attack.
This incident is a reminder for organisations to use stronger passwords, enable multi-factor authentication and regularly review their security measures.