Report: e-crime actors drove cyber intrusions in 2020

Supply chain attacks, ransomware, data extortion and nation-state threats are more prolific than ever, with e-crime attacks making up 79% of all intrusions (via hands-on-keyboard activity), according to the 2021 CrowdStrike Global Threat Report.

The report details insights into the global threat landscape, with best practices for organisations looking to amplify their cybersecurity maturity in 2021. Following the increase in e-crime, CrowdStrike has introduced an eCrime Index (ECX) in the latest report. The ECX displays the strength, volume and sophistication of the cybercriminal market, and is updated weekly in real time, based on 18 indicators of criminal activity.

A popular vector for cybercriminals is the supply chain, as it allows malicious actors to propagate multiple downstream targets from a single intrusion. Additionally, the report addresses how nation-state adversaries infiltrate networks to steal valuable data, seeking COVID-19 research. The report found that threat actors have improved strategies to evade detection and camouflage in networks, deceiving their targets many times.

Adam Meyers, Senior Vice President of Intelligence at CrowdStrike, noted that the rapidly changing remote work environment highlights the importance of identity protection for the defence of any enterprise’s infrastructure. Meyers called upon organisations to take decisive action to control access and protect data in order to outmanoeuvre adversaries.

“There is a human being behind every attack, and cyber actors are getting bolder and more astute day to day. As such, it’s critical to employ comprehensive cloud-native technology for increased visibility and prevention capabilities including threat intelligence and expert threat hunting to stay one step ahead of modern-day attacks,” said Meyers.

The report forecasts that the healthcare industry will continue to face significant threats from criminal groups, with CrowdStrike Intelligence confirming that 18 Big Game Hunting enterprise ransomware families infected 104 healthcare organisations in 2020.

The COVID-19 pandemic and the resulting food shortage in the Democratic People’s Republic of Korea (DPRK) will see an enhancement in cyber operations in 2021. Meanwhile, China will focus on supply chain compromises and the targeting of key western verticals in support of the 14th Five Year Plan and the COVID-19 vaccine, such as health care, technology, manufacturing and aerospace.

Data extortion techniques will continue to accelerate through the introduction of dedicated leak sites (DLS).

The Global Threat Report provides readers with insights on modern adversaries and their tactics, techniques and procedures (TTPs). Through crowd- and cloud-enabled technology, CrowdStrike is able to leverage machine learning; mine data at scale; and distil threat telemetry to customers, helping them make more informed decisions.

Image credit: ©stock.adobe.com/au/vectorfusionart