CrowdStrike report shows identities under siege

Cyberattacks exploiting gaps in cloud infrastructure — to steal credentials, identities and data — skyrocketed in 2022, growing 95%, with cases involving “cloud-conscious” threat actors tripling year-over-year. That’s according to CrowdStrike’s 2023 Global Threat Report.

The report finds bad actors moving away from deactivation of antivirus and firewall technologies, and from log-tampering efforts, seeking instead to “modify authentication processes and attack identities,” it concludes.

Today, identities are under siege across a vast threatscape. Why are identities and privileged access credentials the primary targets? It’s because attackers want to become access brokers and sell pilfered information in bulk at high prices on the dark web.

CrowdStrike’s report provides a sobering look at how quickly attackers are reinventing themselves as access brokers, and how their ranks are growing. The report found a 20% increase in the number of adversaries pursuing cloud data theft and extortion campaigns, and the largest-ever increase in numbers of adversaries — 33 new ones found in just a year. Prolific Scattered Spider and Slippery Spider attackers are behind many recent high-profile attacks on telecommunications, BPO and technology companies.

Attacks are setting new speed records

Attackers are digitally transforming themselves faster than enterprises can keep up, quickly re-weaponizing and re-exploiting vulnerabilities. CrowdStrike found threat actors circumventing patches and sidestepping mitigations throughout the year.

The report states that “the CrowdStrikeFalcon OverWatch team measures breakout time — the time an adversary takes to move laterally, from an initially compromised host to another host within the victim environment. The average breakout time for interactive eCrime intrusion activity declined from 98 minutes in 2021 to 84 minutes in 2022.”

CISOs and their teams need to respond more quickly, as the breakout time window shortens, to minimize costs and ancillary damages caused by attackers. CrowdStrikes advises security teams to meet the 1-10-60 rule: detecting threats within the first minute, understanding the threats within 10 minutes, and responding within 60 minutes…

Read Full Article: Venture Beat

Patrick Melampy
Cloud On-Ramp and Protecting Performance The expansion of remote work and the massive growth in usage of cloud-based applications have stressed existing infrastructure and put a keen focus on the performance of everyone’s network environment ...
David Discenza
Four Ways to Improve Cybersecurity (Updated: December 9th, 2022 ) Cyber-attacks on businesses have become common place. In fact, it’s estimated that a cyber-attack occurs every 39 seconds. Who are the targets of these attacks? ...
Drew Firment
Stop Focusing on Cloud Adoption and Start Focusing on Cloud Maturity For the past several years, most organizations have made it their priority to shift much of their applications and data from on-premises to the ...
Security Breach 10 Useful Cloud Security Tools
Cloud Security Tools Cloud providing vendors need to embed cloud security tools within their infrastructure. They should not emphasize keeping high uptime at the expense of security. Cloud computing has become a business solution for ...
Gilad David Maayan
Network Security in the Public Cloud What is Network Security? Network security is a strategic approach to securing an organization’s resources and data across the corporate network. It helps protect organizations of all sizes, industries, ...
Josh Miramant
Benefits of a Data-First Culture When it comes to analytics solutions, centralization versus decentralization is one constant tension that’s plagued data architects for years now. Both options offer their own sets of advantages and disadvantages, ...
Cybersecurity Bootcamps To Help Build Your Career
Cybersecurity Bootcamps We've discussed the importance of training and the hiring of cybersecurity professionals many times on CloudTweaks over the past 10+ years. Now more than ever as the world enters into a dark era ...
Tosin Vaithilingam
Divestitures: What to consider during the migration process "Divestitures require careful planning and execution, but they can create tremendous opportunities for companies to transform their businesses and unlock new growth potential." - Ginni Rometty, former ...