The propagation of advanced exploits has blurred the lines between statecraft and tradecraft, evolving the threat landscape beyond the defense capabilities of conventional security measures.
According to the 2018 CrowdStrike Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft, which analyzes comprehensive threat data from 100 billion events a day across 176 countries, extortion and weaponization of data have become mainstream among cybercriminals, heavily impacting government and healthcare, among other sectors. Part of this is due to the fact that nation-state–linked attacks and targeted ransomware are on the rise and could be used for geopolitical and even militaristic exploitation purposes.
Additionally, supply-chain compromises and crypto-fraud and -mining are presenting new attack vectors for both state-sponsored and e-crime actors.
“We’ve already seen cyber-adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks,” said Dmitri Alperovitch, CrowdStrike co-founder and CTO. “Looking ahead, security teams will be under even more pressure to detect, investigate and remediate breaches faster.”
The report also shows that established and well-resourced cyber-operations continue to innovate, developing new methods of distributing crimeware and incorporating advanced tactics to infiltrate, disrupt and destroy systems. In 2017, 39% of all attacks that CrowdStrike observed constituted malware-free intrusions that were not detected by traditional antivirus software, with the manufacturing, professional services and pharmaceutical industries facing the most malware-free attacks.
Based on observed incidents, CrowdStrike also established that the average “breakout time” in 2017 was 1 hour and 58 minutes. Breakout time indicates how long an intruder takes to laterally move from the initial system they had compromised to other machines within the network.
Said Adam Meyers, vice president of intelligence at CrowdStrike,“Today, the lines between nation-states and e-crime actors are increasingly blurring, elevating the sophistication of threats to a new level.”