CrowdStrike has unveiled its latest findings in the 2024 CrowdStrike Global Threat Report, shedding light on a concerning surge in cyber adversaries exploiting stolen identity credentials to infiltrate cloud environments swiftly and execute devastating cyberattacks. The report also underscores looming threats for 2024, such as the potential disruption of global elections and the exploitation of generative AI to facilitate more sophisticated attacks. In its milestone 10th annual edition, CrowdStrike delves into the activities of over 230 threat groups currently under its surveillance.
Key highlights from the 2024 report include:
– Acceleration of Cyberattacks: The report reveals a staggering increase in the velocity of cyberattacks. The average breakout time plummeted to a mere 62 minutes from the previous 84, and the quickest recorded attack clocked in at an astonishing 2 minutes and 7 seconds. Once initial access is secured, adversaries take a mere 31 seconds on average to deploy initial discovery tools, aiming to compromise victims swiftly.
– Surge in Stealthy Attacks via Compromised Credentials: Interactive intrusions and hands-on-keyboard activities have seen a sharp uptick (60%), with adversaries increasingly exploiting stolen credentials to breach targeted organizations.
– Cloud Infrastructure Under Siege: Adversaries are now targeting cloud environments using valid credentials, posing a significant challenge for defenders struggling to distinguish between normal and malicious user behavior. The report indicates a 75% overall increase in cloud intrusions, with cloud-conscious cases spiking by 110% year over year.
– Emergence of Generative AI Exploitation: In 2023, CrowdStrike observed nation-state actors and hacktivists experimenting with generative AI to democratize attacks, making sophisticated operations more accessible. The report suggests that generative AI will likely be leveraged for cyber activities in 2024 as the technology gains traction.
– Threats to Global Elections: With over 40 democratic elections scheduled in 2024, nation-state and eCrime adversaries are poised to disrupt the electoral process or manipulate voter opinion.
Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, remarked, “Throughout 2023, we witnessed unprecedented stealthy operations from bold eCrime groups, sophisticated nation-state actors, and hacktivists targeting businesses across various sectors worldwide. As adversaries evolve, organizations must adopt a platform-based approach, fortified by threat intelligence and proactive hunting, to safeguard identities, prioritize cloud security, and gain comprehensive visibility into enterprise risks.”
CrowdStrike, renowned as a cybersecurity leader in the AI era, emphasizes an adversary-focused strategy, offering customers adversary-driven intelligence, human-led analysis, and cutting-edge technology to preempt threats effectively. Its approach integrates CrowdStrike Falcon® Intelligence with the expertise of CrowdStrike Falcon® OverWatch’s threat hunting team, powering the AI-native CrowdStrike XDR Falcon® platform to expedite investigations, mitigate threats, and thwart breaches.