Cyberattacks — and the resulting breaches — are a fact of life now. The impact left in the wake of a successful intrusion can be massive when customer data or other confidential information is stolen, exposed, changed, or deleted. It’s an inescapable certainty: Where valuable digital assets exist, aggressive threat actors follow.
These actors continuously develop and adopt new means to achieve their objectives, from the destructive NotPetya malware using stealth propagation techniques, to ransomware extortion, to the use of valid operating system processes to exploit the network. Likewise, security stakeholders from CISOs to incident responders to the board of directors must evolve their security planning to ensure resilience in the face of an attack. This document provides guideposts to help you along that path.
Drawn from real-life client engagements, the annual CrowdStrike® Cyber Intrusion Services Casebook provides valuable insights into ever-evolving attacker tactics, techniques and procedures (TTPs). It also reveals the strategies the CrowdStrike Services team devised to effectively and quickly investigate and remove threats from victims’ networks. Additionally, the report reveals emerging trends observed in attack behaviors, including the preferred tactics used by threat actors to gain entry to the targeted environment.
Based on CrowdStrike Services’ extensive experience in the field, this casebook provides key takeaways that can inform both executive stakeholders and security professionals on how to respond to intrusions more effectively. Most importantly, it offers recommendations that organizations can implement proactively — right now — to improve their ability to prevent, detect and respond to attacks. The threat is real, the risk is high, and CrowdStrike Services stands shoulder-to-shoulder with our clients to secure their data and their infrastructure: “One Team, One Fight.”
Download the CrowdStrike Cyber Intrusion Services Casebook and watch an on-demand video featuring the incident responders who investigated the cases, “Effective Incident Response in the Face of Evolving Attacker Tradecraft.”