Cyberattacks are getting faster, more common and more successful, even though detection is more advanced than ever — new report signals the threats to businesses, supply chains, and democracy
Cybersecurity is no longer a matter of "good enough"
A new report from CrowdStrike has found cyberattacks are getting faster, with breakout times down to an average of 62 minutes compared to an average of 84 minutes in 2023.
34 new threat actors have also joined the cyber scene, with a total of over 230 individual threat actors now tracked by the company.
A new record breakout time was also recorded at just two minutes and seven seconds to jump from an infected host to another hose within the network.
Hackers are following their targets into the cloud
The report highlights the rapid increase in the speed of attacks and the use of AI assistance is “driving a tectonic shift in the security landscape and the world.”
The human factor has increasingly become the main source of entry for threat actors, with interactive intrusions and hands-on-keyboard attacks increasing by 60%. Many threat actors have increased their use of social engineering and phishing campaigns to gain abusable credentials, and ultimately access to their target’s environment.
As businesses continue their journey towards the cloud, threat actors have followed, with cloud intrusions increasing by 75% since last year. Threat actors are also seeking greater knowledge of the cloud itself, with the exploitation of cloud unique features experiencing a 110% increase.
Threat actors are sowing further disruption by exploiting trusted relationships to compromise supply chains, allowing the actor to “cast a wide net” in its victim selection. CrowdStrike highlights successful attempts by the North Korean ‘Labyrinth Chollima’ to intrude trusted software as a delivery mechanism for data stealing malware.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
CrowdStrike also issues a warning to democracy as state-sponsored adversaries are highly likely to target critical upcoming elections. Russia, China, and Iran all have motivations to influence and disrupt elections and will likely launch disinformation campaigns that take advantage of geopolitical tensions and conflicts to influence voters and exacerbate societal fractures.
Threat actors are stepping up their use of AI-generated content, including artificial images and video, to spread misinformation on social media. CrowdStrike expects increasing abuse of open-source or publicly available LLMs to continue, rather than threat-actors developing their own home-grown models.
“Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe,” said Adam Meyers, head of Counter Adversary Operations, CrowdStrike.
“Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations.
“To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.”
More from TechRadar Pro
- Technical debt and cloud issues are the biggest barriers to digital transformation for many companies
- These are the best cloud firewalls and best cloud backup services
- Here is our guide to the best endpoint protection software
Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focusing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.