Cyberattacks follow businesses to the cloud
Cloud intrusions increased by 75 percent overall last year as adversaries set their sights on the cloud through the use of valid credentials.
This is one of the findings of the 2024 CrowdStrike Global Threat Report released today. It notes an increase in interactive intrusions and hands-on-keyboard activity (60 percent) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.
The report also finds the speed of cyberattacks continues to accelerate at an alarming rate. The average breakout time is down to only 62 minutes from 79 in the previous year (with the fastest recorded attack coming in at two minutes seven seconds). Once initial access was obtained, it took only 31 seconds for an adversary to drop initial discovery tools in an attempt to compromise victims.
"Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from
brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe. Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations," says Adam Meyers, head of counter adversary operations at CrowdStrike. "To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk."
The report warns that with more than 40 democratic elections scheduled in around the world 2024, nation-state and eCrime adversaries will have numerous opportunities to disrupt the electoral process or sway voter opinion. Nation-state actors from China, Russia and Iran are highly likely to conduct mis- or disinformation operations to sow disruption against the backdrop of geo-conflicts and global elections.
The full report is available from the CrowdStrike site.
Image credit: VitalikRadko/depositphotos.com