
CrowdStrike’s 2023 Global Threat Report highlights cybercrime trends relating to cloud exploitation, re-weaponization of vulnerabilities and more.
by Dan Kobialka • Feb 28, 2023
Cyber adversaries are increasingly targeting cloud environments as they explore new ways to attack global organizations, according to the 2023 Global Threat Report from CrowdStrike. Cloud exploitation increased 95% year over year in 2022, CrowdStrike reported. Also, the number of cases involving “cloud-conscious” threat actors nearly tripled year over year.
CrowdStrike Report Takeaways
Other key takeaways from CrowdStrike’s report include:
- Cyber adversaries are re-weaponizing and re-exploiting vulnerabilities. Log4Shell continued to “ravage the internet,” CrowdStrike indicated. Meanwhile, cybercriminals frequently exploited known and new vulnerabilities like ProxyNotShell and Follina to bypass patches and mitigations.
- Human adversaries are looking beyond malware to evade antivirus software. Approximately 71% of cyberattacks detected were free of malware, up from 62% one year earlier. In addition, interactive intrusions (cyberattacks involving hands-on-keyboard activity) rose 50% year over year.
- Cybercriminals are investing in dark web ads. CrowdStrike reported a 112% year-over-year increase in access broker advertisements on the dark web, which highlights the value of and demand for identity and access credentials in the underground economy.
- Thirty-three new cyber adversaries were discovered. This marks the largest increase in new cyber adversaries that CrowdStrike has observed over the course of one year.
- China-linked espionage increased globally. There was a rise in China-linked adversary activity that affected organizations across 39 industry sectors and 20 geographic regions.
- Threat actors are working faster than ever before. The average eCrime breakout time fell from 98 minutes in 2021 to 84 minutes in 2022.
- Cybercriminals are using social engineering tactics to target human interactions. Many cyber adversaries used vishing to circumvent multi-factor authentication (MFA) and lure victims into downloading malware.
Staying Ahead of Cyber Adversaries
The past year has brought a “unique combination of threats to the forefront of security,” CrowdStrike Head of Intelligence Adam Meyers said. With a clear understanding of cybercrime tactics, techniques and procedures (TTPs), organizations are well equipped to stay ahead of cyber adversaries and protect against cyberattacks and data breaches.