Russian state actors fastest at infiltrating networks
Russian state-sponsored attackers are the quickest at infiltrating a network among top cyber adversaries, according to a new report from endpoint protection company CrowdStrike.
CrowdStrike’s 2019 Global Threat Report compares the threat actors of Russia, China, North Korea and Iran in terms of breakout time — defined as the time between when an intruder compromises the first machine on a target’s network and when the intruder is capable of moving laterally to other systems on the network.
Russian nation-state actors achieved an average breakout time of just 18 minutes and 49 seconds, with North Korean nation-state actors the second fastest at 2 hours and 20 minutes.
Chinese state-sponsored attackers averaged just over 4 hours, while Iranian nation-state actors averaged 5 hours and 9 minutes.
CrowdStrike said it had identified several targeted intrusion campaigns by China, Iran and Russia focused on the telecommunications sector during the year.
Chinese state-sponsored attackers in particular appear to be ramping up their operational pace, the report states, and this trend is only likely to continue to accelerate amid the US–China trade war.
All the nation-state actors tracked in the report managed a significantly faster average breakout time than the 9 hours and 42 minutes achieved by independent global cybercrime actors. But the report notes that some cybercriminals can infiltrate networks in times rivalling even the fastest nation states.
“The threat landscape is evolving at an unprecedented rate, and with every breach, a company’s survival may be put on the line. Organisations can’t afford a passive approach to securing their assets,” CrowdStrike VP of Intelligence Adam Meyers said.
“As we continue to see highly sophisticated nation-state and e-crime actors elevate the level and complexity of daily threats, this report should serve as a resource for business leaders and security professionals to better understand the threat environment and make informed decisions that protect business-critical data.”
Only half of respondents to a global sweep of data protection practices among organisations in 18...
Retailers are heavily targeted by the increasingly popular attack method of credential stuffing,...
Japan's National Institute of ICT has commenced a five-year project involving rooting out IoT...