In the second half of 2023 [3], security experts observed a significant increase in hands-on attacks, posing a challenge for defenders [5].

Description

Security experts observed a 73% increase in hands-on attacks in the second half of 2023 compared to the previous year. The average breakout time decreased to just 62 minutes [3] [6], with the fastest attack recorded at 2 minutes 7 seconds [2] [6]. Threat actors are exploiting stolen credentials for initial access [2], with identity-based attacks accounting for 75% of detections [3]. Cloud intrusions have increased by 75% [1] [2], with the technology, telecoms, and finance sectors experiencing the highest number of intrusions [4]. Adversaries are focusing on accelerating initial access through various means [4], including phishing, social engineering [1] [4], and vulnerability exploitation [4]. Generative AI is expected to be used for cyber activities in 2024 [2], with 34 new threat actors emerging [1].

Conclusion

The rise in hands-on attacks and interactive intrusions highlights the need for organizations to enhance their cybersecurity measures. With the increasing use of social engineering and phishing campaigns [1], it is crucial for defenders to stay vigilant. State-sponsored adversaries targeting elections and the spread of misinformation through AI-generated content on social media pose significant challenges. Organizations must adopt a platform approach to protect against evolving adversary tradecraft and mitigate future cyber threats.

References

[1] https://www.techradar.com/pro/cyberattacks-are-getting-faster-more-common-and-more-successful-even-though-detection-is-more-advanced-than-ever-new-report-signals-the-threats-to-businesses-supply-chains-and-democracy
[2] https://cybermagazine.com/articles/ai-elections-cloud-attacks-crowdstrikes-threat-report
[3] https://www.techtarget.com/searchSecurity/news/366570633/CrowdStrike-Global-Threat-Report-Cloud-intrusions-up-75
[4] https://www.infosecurity-magazine.com/news/attacker-breakout-time-falls-one/
[5] https://www.crn.com/news/security/2024/5-big-things-to-know-from-crowdstrike-s-2024-threat-report
[6] https://siliconangle.com/2024/02/21/crowdstrike-warns-surge-adversaries-using-stolen-credentials-exploit-cloud-environments/