The 2021 threat landscape has become more crowded as new adversaries emerge according to the 2022 Global Threat Report released today by CrowdStrike.
CrowdStrike Intelligence is now tracking more than 170 adversaries in total with 21 added last year. Financially motivated eCrime activity continues to dominate with intrusions attributed to eCrime accounting for 49 percent of all observed activity.
Ransomware-related data leaks are up 82 percent, but adversaries are moving beyond malware as 62 percent of recent detections were found to be malware-free.
Iran-based adversaries have adopted the use of ransomware as well as ‘lock-and-leak’ disruptive information operations — using ransomware to encrypt target networks and subsequently leak victim information via actor-controlled personas or entities.
China-nexus actors have emerged as the leader in vulnerability exploitation and have shifted tactics to targeting internet-facing devices and services like Microsoft Exchange. Russia-nexus adversary COZY BEAR has expanded its targeting of IT to cloud service providers in order to exploit trusted relationships and gain access to additional targets through lateral movement.
North Korea meantime has been targeting cryptocurrency-related entities in an effort to maintain illicit revenue generation during economic disruptions caused by the COVID-19 pandemic.
“As cyber criminals and nation-states around the world continue to adapt in the changing, interconnected landscape, it’s critical that businesses evolve to defend against these threats by integrating new technologies, solutions and strategies,” says Adam Meyers, senior vice president of intelligence at CrowdStrike. “The CrowdStrike Falcon platform, powered by the world class intelligence that informs this annual report, offers the full suite of tools necessary to deliver hyper-accurate detections, automated protection and the remediation needed to stop threats in their tracks. The annual Global Threat Report paints a picture that shows enterprise risk is coalescing around three critical areas: endpoints, cloud workloads, identity and data, and provides a valuable resource for organizations looking to bolster their security strategy.”
The full report is available from the CrowdStrike site.
Image credit: whatawin/depositphotos.com