CrowdStrike 2023 Global Threat Report
From relentless adversaries to resilient businesses
From relentless adversaries to resilient businesses
2022 was a year of explosive, adaptive and damaging threats. Adversaries continue to be relentless in their attacks as they become faster and more sophisticated. CrowdStrike’s 2023 Global Threat Report uncovers notable themes, trends and events across the cyber threat landscape, including:
33
newly named adversaries in 2022
200+
total adversaries tracked by CrowdStrike
95%
increase in cloud exploitation
112%
increase in access broker ads on the dark web
84 minutes
average eCrime breakout time
71%
of attacks were malware-free
Read the CrowdStrike 2023 Global Threat Report
Read the CrowdStrike 2023 Global Threat Report
Key report insights
Adversaries Increase Speed and Sophistication
eCrime adversaries proved relentless in 2022 with faster and more complex operations. The average eCrime breakout time is now 84 minutes, and 71% of attacks CrowdStrike Intelligence detected were malware-free.
Access Broker Boom Accelerated in 2022
Access brokers are threat actors who acquire credentials and access to organizations then provide or sell this access to other actors, including ransomware operators. The number of their ads increased 112% compared to 2021. This spike, along with an increase in social engineering attacks, highlight why identity threat protection is critical to stopping breaches.
China Dominates Cyber Espionage Landscape
CrowdStrike Intelligence tracks China-nexus adversaries as the most active targeted intrusion groups. In 2022, they were observed targeting nearly all 39 global industry sectors and 20 geographic regions CrowdStrike tracks.
Cloud is in the Crosshairs
Cloud exploitation grew by 95% in 2022 as CrowdStrike Intelligence observed a nearly 3x increase in "cloud-conscious" threat actors. Adversary techniques continue to grow more sophisticated for initial access, lateral movement, privilege escalation, defense evasion and data collection.
Vulnerability Reuse Makes Patching a Priority
Adversaries continue to exploit vulnerabilities with greater sophistication, seeking ways to bypass mitigations to target the same vulnerable components multiple times. The architectural weaknesses in legacy technology create systemic risk for organizations that rely on these older systems and are increasingly vulnerable to attacks.
Know them. Find them.
Stop them.
Explore the Adversary Universe to learn how the world’s most dangerous threat actors are targeting organizations like yours.
