
FBI, CISA Warn Of Threat Actors Targeting Old Fortinet FortiOS Vulns

Agencies warn of sophisticated malicious actors exploiting multiple older vulnerabilities in Fortinet FortiOS to gain access to customer networks.

April 7, 2021 Zachary Comeau

The FBI and Cybersecurity and Infrastructure Agency are warning of sophisticated malicious actors exploiting multiple older vulnerabilities in Fortinet FortiOS to gain access to customer networks.

The advisory, issued last week, warns that advanced persistent threat (APT) actors are scanning devices for three different vulnerabilities to infiltrate government, commercial and technology services networks.

The agencies say the vulnerabilities in Fortinet FortiOS are CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591, and the actors may be using any or all of the vulnerabilities to gain access to networks “across multiple critical infrastructure sectors” and establish a persistent presence for follow-on data exfiltration or ransomware attacks.

Fortinet FortiOS is the operating system on which the company’s Fortinet Security Fabric solution runs. It is designed to secure “the entire digital attack surface” of its enterprise customers, according to the company.

“APT actors may use other CVEs or common exploitation techniques—such as spearphishing—to gain access to critical infrastructure networks to pre-position for follow-on attacks,” the advisory said.

All three vulnerabilities have patches available, but threat actors are scanning for unpatched versions of the product, the alert says.

In a statement to Channel Futures, Fortinet said the vulnerabilities were resolved in 2019 and 2020.

To mitigate, IT administrators should first update and apply the patches if they have not already done so.

Other mitigation steps, per CISA and the FBI, include:

  • If FortiOS is not used by your organization, add key artifact files used by FortiOS to your organization’s execution deny list. Any attempts to install or run this program and its associated files should be prevented.
  • Regularly back up data, air gap, and password protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the primary system where the data resides.
  • Implement network segmentation.
  • Require administrator credentials to install software.
  • Implement a recovery plan to restore sensitive or proprietary data from a physically separate, segmented, secure location (e.g., hard drive, storage device, the cloud).
  • Install updates/patch operating systems, software, and firmware as soon as updates/patches are released.
  • Use multifactor authentication where possible.
  • Regularly change passwords to network systems and accounts, and avoid reusing passwords for different accounts. Implement the shortest acceptable timeframe for password changes.
  • Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
  • Install and regularly update antivirus and anti-malware software on all hosts.
  • Consider adding an email banner to emails received from outside your organization.
  • Disable hyperlinks in received emails.
  • Focus on awareness and training. Provide users with training on information security principles and techniques, particularly on recognizing and avoiding phishing emails.
