Kaspersky: ‘Cring’ gang exploits Fortigate VPN server flaw tracked as CVE-2018-13379 to gain initial access. Once in the victim’s environment, the attackers encrypt data and then demand a ransom of two bitcoins ($113,768) for decrypting the files. The U.S. Cybersecurity and Infrastructure Security Agency and the FBI warned that unidentified nation-state actors have been scanning for Fortinet vulnerabilities since March (see: FBI and CISA: APT Groups Targeting Government Agencies)”]
Source: https://www.healthcareinfosecurity.com/ransomware-gang-exploits-old-fortinet-vpn-flaw-a-16365