SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
AI Security
#
AI
#
Cloud protection
Cybersecurity report reveals 75% spike in cloud attacks
Thu, 22nd Feb 2024
Author image
By Shannon Williams, Journalist
Follow us

The tenth annual Global Threat Report from cybersecurity pioneer CrowdStrike has unveiled several key insights into the threat landscape and attack motivations.

The CrowdStrike report highlights an acceleration in cyberattack speed, a 75% surge in successful cloud attacks, the exploitation of generative AI, and the discovery of 34 new threat actors, highlighting the growing challenge facing cyber security.

According to CrowdStrike, the 2024 report observed a considerable increase in attack velocity, with the average time for eCrime intrusion activity now down to 62 minutes from 84 minutes in 2022. The fastest recorded attack occurred in just over two minutes, with initial discovery tools dropped to compromise victims within 31 seconds once the adversary had achieved initial access.

According to CrowdStrike, an alarming trend is the increasing use of stolen identity credentials by adversaries, with the report noting a sharp increase in interactive intrusions and hands-on-keyboard activity (60%). In addition, as businesses continue to move to the cloud, adversaries are following suit, CrowdStrike says. There has been a 75% overall increase in cloud intrusions, and a 110% year-on-year increase in "cloud-conscious" cases, the report found.

Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, points to the "unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors, and hacktivists" in 2023. He noted that "rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard-of speed."

Furthermore, the CrowdStrike report revealed that disruptive activity targeting global elections and exploiting generative AI technology is on the horizon. Nation-state and eCrime adversaries are anticipated to disrupt democratic processes in more than 40 elections scheduled in 2024. CrowdStrike says this is likely to be particularly prevalent with nation-state actors from China, Russia, and Iran, who are expected to conduct disinformation operations to sow disruption against the backdrop of geo-conflicts and global elections.

Additionally, CrowdStrike observed nation-state actors and hacktivists experimenting with and seeking to use generative AI to lower the barrier of entry for more sophisticated operations in 2023. The report highlights how generative AI will likely be used for cyber activities in 2024 as the technology continues to gain popularity.

According to CrowdStrike, the suite of tools required to combat these threats includes adversary-driven intelligence, human-led analysis, and groundbreaking technology. To defeat relentless adversaries, Meyers emphasises the need for organisations to embrace a platform-approach, fuelled by threat intelligence and hunting, to protect identity, prioritise cloud protection, and improve visibility into areas of enterprise risk.

Related stories
AI & ML form critical defence against digital deception
AI scams prompt need for advanced fraud-detection technologies
Legit Security announces strategic partnership with GuidePoint Security
Healthcare sector's cybersecurity confidence misplaced, warns Kroll report
Fortinet upscales OT & CI cybersecurity in Asia-Pacific
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds