Cybersecurity report reveals 75% spike in cloud attacks
The tenth annual Global Threat Report from cybersecurity pioneer CrowdStrike has unveiled several key insights into the threat landscape and attack motivations.
The CrowdStrike report highlights an acceleration in cyberattack speed, a 75% surge in successful cloud attacks, the exploitation of generative AI, and the discovery of 34 new threat actors, highlighting the growing challenge facing cyber security.
According to CrowdStrike, the 2024 report observed a considerable increase in attack velocity, with the average time for eCrime intrusion activity now down to 62 minutes from 84 minutes in 2022. The fastest recorded attack occurred in just over two minutes, with initial discovery tools dropped to compromise victims within 31 seconds once the adversary had achieved initial access.
According to CrowdStrike, an alarming trend is the increasing use of stolen identity credentials by adversaries, with the report noting a sharp increase in interactive intrusions and hands-on-keyboard activity (60%). In addition, as businesses continue to move to the cloud, adversaries are following suit, CrowdStrike says. There has been a 75% overall increase in cloud intrusions, and a 110% year-on-year increase in "cloud-conscious" cases, the report found.
Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, points to the "unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors, and hacktivists" in 2023. He noted that "rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard-of speed."
Furthermore, the CrowdStrike report revealed that disruptive activity targeting global elections and exploiting generative AI technology is on the horizon. Nation-state and eCrime adversaries are anticipated to disrupt democratic processes in more than 40 elections scheduled in 2024. CrowdStrike says this is likely to be particularly prevalent with nation-state actors from China, Russia, and Iran, who are expected to conduct disinformation operations to sow disruption against the backdrop of geo-conflicts and global elections.
Additionally, CrowdStrike observed nation-state actors and hacktivists experimenting with and seeking to use generative AI to lower the barrier of entry for more sophisticated operations in 2023. The report highlights how generative AI will likely be used for cyber activities in 2024 as the technology continues to gain popularity.
According to CrowdStrike, the suite of tools required to combat these threats includes adversary-driven intelligence, human-led analysis, and groundbreaking technology. To defeat relentless adversaries, Meyers emphasises the need for organisations to embrace a platform-approach, fuelled by threat intelligence and hunting, to protect identity, prioritise cloud protection, and improve visibility into areas of enterprise risk.