CrowdStrike Global Threat Report Reveals The Biggest Cyber Crime and Targeted Intrusion Trends
Following the trickle-down effect of advanced ‘military-grade’ tools, report uncovers leveling of the playing field between nation-states and cyber criminal groups with wide-scope targeting
Sunnyvale, CA – February 26, 2018 – CrowdStrike® Inc., the leader in cloud-delivered endpoint protection, today announced the release of its 2018 CrowdStrike Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft.
The report analyzes comprehensive threat data from CrowdStrike Falcon® Intelligence™, CrowdStrike Falcon OverWatch™, the company’s industry-leading managed hunting team, and the CrowdStrike Threat Graph™, a massively scalable, cloud-based graph database technology processing nearly 100 billion events a day across 176 countries.
In addition to detailing key trends driving adversary targeting and taking a deep dive into the key factors shaping the targeted intrusion campaigns of notable nation-state adversaries, including China, Russia, Iran and North Korea, the report brings to light key metrics defining the state of cybersecurity today across industries.
“We’ve already seen cyber adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks. Looking ahead, security teams will be under even more pressure to detect, investigate, and remediate breaches faster,” said Dmitri Alperovitch, CrowdStrike’s chief technology officer and co-founder. “Based on CrowdStrike’s comprehensive visibility into threat actors and data from our global customer community, we are able to deliver real-time insights into threat activity, enabling customers to stop breaches and improve their security postures.”
Notable Highlights of the Global Threat Report:
- Based on observed incidents, CrowdStrike established that the average “breakout time” in 2017 was one hour and 58 minutes. Breakout time indicates how long it takes for an intruder to jump off the initial system they had compromised and move laterally to other machines within the network.
- In 2017, 39 percent of all attacks that CrowdStrike observed constituted malware-free intrusions that were not detected by traditional antivirus, with the manufacturing, professional services and pharmaceutical industries facing the most malware-free attacks.
- The propagation of advanced exploits has blurred the lines between statecraft and tradecraft, evolving the threat landscape beyond the defense capabilities of conventional security measures.
- Extortion and weaponization of data have become mainstream among cybercriminals, heavily impacting government and healthcare, among other sectors.
- Nation-state-linked attacks and targeted ransomware are on the rise and could be used for geopolitical and even militaristic exploitation purposes.
- Supply chain compromises and crypto fraud and mining will present new attack vectors for both state-sponsored and eCrime actors.
Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crimeware and incorporating advanced tactics to infiltrate, disrupt and destroy systems. CrowdStrike is the only company that unifies strategic and tactical intelligence with an industry-leading managed hunting practice and unrivalled threat visibility, establishing an unprecedented view of the global threat landscape.
“Today, the lines between nation-states and eCrime actors are increasingly blurring, elevating the sophistication of threats to a new level. Actionable threat intelligence and real-time threat data are crucial in empowering better security and executive decisions,” said Adam Meyers, vice president of Intelligence at CrowdStrike. “With the Global Threat Report, public and private sector organizations can be better informed about the employed tactics, techniques, and procedures (TTPs) and properly allocate the defenses and resources necessary to protect assets that are most at risk.”
For additional information, read a blog from George Kurtz, CrowdStrike’s co-founder and chief executive officer, here.
You can download the 2018 CrowdStrike Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft here.
CrowdStrike is the leader in cloud-delivered endpoint protection. Leveraging artificial intelligence (AI), the CrowdStrike Falcon® platform offers instant visibility and protection across the enterprise and prevents attacks on endpoints on or off the network. CrowdStrike Falcon deploys in minutes to deliver actionable intelligence and real-time protection from Day One. It seamlessly unifies next-generation AV with best-in-class endpoint detection and response, backed by 24/7 managed hunting. Its cloud infrastructure and single-agent architecture eliminate complexity and add scalability, manageability, and speed.
CrowdStrike Falcon protects customers against all cyber attack types, using sophisticated signatureless AI and Indicator-of-Attack (IoA) based threat prevention to stop known and unknown threats in real time. Powered by the CrowdStrike Threat Graph™, Falcon instantly correlates nearly 100 billion security events a day from across the globe to immediately prevent and detect threats.
There’s much more to the story of how Falcon has redefined endpoint protection but there’s only one thing to remember about CrowdStrike: We stop breaches.
Learn more: https://www.crowdstrike.com/
Ilina Cashiola, 202-340-0517