Summary: CrowdStrike’s Latest Security Threat Report

By: Marco
May 15, 2023

CrowdStrike — a global leader in next-generation endpoint protection, threat intelligence, and response services — recently released its 2023 Global Threat Report, which outlines important cybersecurity themes, trends, and events across the cyber threat landscape. An executive summary and infographic are also available through the above link. 

While our cybersecurity experts recommend reading all 42 glorious pages of the original report, we also wanted to create our own summary to help busy IT pros digest the main points quickly. 

Top Cybersecurity Threats and Trends in 2023

The Current Threat Landscape

  • Cybercriminals can move from one compromised host to another within the same environment much faster — on average, this “breakout time” is now just 84 minutes.
  • Illegally selling access to organizations is now more popular — advertisements for this “service” are up by 112%.
  • Malware-free attacks (like credential abuse and exploiting known vulnerabilities) now account for 71% of all detections.
  • Interactive intrusions are up 50%. 

Cybercriminals are Launching More Sophisticated Attacks More Often

Two newly identified eCrime organizations, SLIPPY SPIDER and SCATTERED SPIDER, are going after higher-profile victims using MFA fatigue, vishing, and SIM swapping techniques. Additionally, CrowdStrike saw a 20% increase in the number of adversaries that were successfully conducting data theft and extortion campaigns without the use of ransomware.

Cloud Exploitation is on the Rise

Cybercriminals are responding to the wave of cloud migrations by evolving their strategies away from deactivating antivirus and firewall software and towards modifying authentication processes and targeting identities.

Cybercriminals are Doubling Down on Previously Exploited Vulnerabilities

Hackers are continuing to focus on tried-and-true attack methods and vulnerabilities. Most frequently, these include the following:

  • Structural weaknesses in Microsoft technologies that remain vulnerable even after previous patches and mitigation efforts.
  • Zero-day and N-day vulnerabilities that allow hackers to bypass mitigation efforts.
  • Log4Shell exploitations


Growing Threats From the Far East 

China-nexus adversaries expanded their activities in 2022. Their preferred targets are technology organizations based in Taiwan. However, they also target almost all global industries and geographical areas. In North America, zero-day exploits were more commonly used to compromise aerospace, legal, and academic organizations.

Growing Threats From Russia 

Thus far, the predicted wave of Russian cyberattacks against core sectors in the West has yet to materialize. But as the war goes on, organizations should still be cautious and follow CISA’s Shields Up guidance. 

5 Recommendations From CrowdStrike

CrowdStrike offered the following recommendations: 

  1. Gain visibility into your security gaps
  2. Prioritize identity protection
  3. Prioritize cloud protection
  4. Know your adversary
  5. Practice makes perfect

Your Friendly CrowdStrike Partner Can Help

Marco is an Elite Partner with CrowdStrike, which means we can offer additional solution bundles, campaigns, capabilities, and market opportunities. To put that more bluntly, we are empowered to offer our clients more and better service, for highly competitive prices. If you’re considering upgrading to CrowdStrike’s Falcon Platform to secure endpoints, cloud workloads, identities, and data, just let us know! 

And if it’s been a few years since you’ve adjusted your cybersecurity strategy, our comprehensive Cybersecurity Assessment can get you up to speed fairly quickly.

Our assessment is designed to identify the following: 

  • Any vulnerabilities in your systems and tools
  • Your public risk posture
  • Any common misconfigurations that may put your systems, tools, or data at risk
  • Poor security practices

When we’re done with our assessment, we present all of our findings to business leaders and IT staff in plain language and make prioritized recommendations based on business risk. None of this is about finding fault. On the contrary — we frequently find that our assessments get everyone on the same page (finally) and help IT staff get the upgrades they’ve been asking for for years. 

Sound good? You know what to do…

Get a Cybersecurity Assessment

 
