Cybercriminals take bold steps forward as confidence soars - CrowdStrike report
From food shortages to COVID-19, every business sector across the world will feel the effects of what some are describing as ‘bolder’ cyber attacks, particularly as criminals become more confident.
CrowdStrike’s 2021 Global Threat Report notes that 79% of all intrusions conducted via hands-on keyboard activity were related to ecrime. Notably, criminals are targeting the supply chain as it enables them to go after multiple targets from a single intrusion point.
According to the report, it can take just 4 hours, 28 minutes for an attacker to obtain access to an entry point within an organisation - far less time than the nine-hour average breakout time cited in the 2019 report. This suggests that attackers are becoming faster at gaining entry - and they may also have better evasion strategies to cover their tracks.
Countries in Asia such as China and the Democratic People’s Republic of Korea (DPRK) will need to take particular care in securing their defences. COVID-19 and a food shortage in DPRK have prompted cybercriminals to ramp up their attacks, while China’s 14th Five Year Plan and COVID response will also attract supply chain compromises.
CrowdStrike’s senior vice president of intelligence, Adam Meyers, says, “There is a human being behind every attack, and cyber actors are getting bolder and more astute day-to-day. As such, it’s critical to employ comprehensive cloud-native technology for increased visibility and prevention capabilities including threat intelligence and expert threat hunting to stay one step ahead of modern-day attacks.”
He believes that the remote work environment also adds importance to the process of protecting every organisation’s identity.
“Organisations must take decisive action to control access and protect data in order to outmanoeuvre adversaries.”
The report focuses significantly on ransomware, with the average cost of a ransom paid hitting US$1.1 million. The report also notes that 18 ‘Big Game Hunting’ enterprise ransomware families hit 104 healthcare organisations last year.
While ransomware remains a common way of extorting data from organisations, Dedicated Leak Sites (DLS) are also growing in popularity.
This year’s report also includes an eCrime Index (ECX), which analyses the cybercrime market’s strength, volume, and sophistication. As of 22 February, the index sat at 328.36 and has risen steadily since charting began in October 2020.
“The market dynamics as observed by the CrowdStrike Intelligence team over the past several years are fluid; as new mechanisms and schemes are devised to generate revenue, new avenues of monetization are identified, and as the global geopolitical and economic landscape changes, adversaries evolve their tactics to maximize profits. This underground economy parallels global markets in many ways,” the report notes.
The report’s findings are based on data collected by CrowdStrike Falcon Intelligence, Falcon OverWatch, and the CrowdStrike Threat Graph.