lolloj - Fotolia

Cyber criminals catching up with nation state attacks

The trickle-down effect of advanced “military-grade” tools is seeing the gap between cyber criminal and nation state attack capabilities closing, outpacing many organisations’ defence capabilities

The lines are blurring between statecraft and tradecraft, evolving the cyber threat landscape beyond the defence capabilities of conventional security measures, according to the latest global threat report by security firm CrowdStrike.

In 2017, 39% of all attacks that CrowdStrike observed constituted malware-free intrusions that were not detected by traditional antivirus systems, with the manufacturing, professional services and pharmaceutical industries facing the most malware-free attacks, the report revealed.

CrowdStrike data also indicates that it takes an intruder an average of one hour 58 minutes to begin moving laterally to other systems in the network.

Extortion and weaponisation of data have become mainstream among cyber criminals, the report warned, heavily impacting government and healthcare, among other sectors.

Nation state-linked attacks and targeted ransomware are also on the rise and could be used for geopolitical and even militaristic exploitation purposes, the report said.

Supply chain compromises and crypto fraud and mining will present new attack vectors for both state-sponsored and cyber criminal actors, the report said.

“We have already seen how cyber criminals can come up with massive, destructive attacks that render organisations inoperable for days or weeks,” said Dmitri Alperovitch, CrowdStrike’s chief technology officer and co-founder. “Looking ahead, security teams will be under even more pressure to detect, investigate and remediate breaches fast.”

Read more about threat intelligence

  • How to use threat intelligence in your business.
  • There are five key challenges to cyber threat intelligence sharing, according to a report by McAfee Labs.
  • Threat intelligence tools are a growing market, and enterprises need to be able to see through the hype to get the best product for them.
  • Learn how threat intelligence services benefit enterprise security and how to subscribe to the right threat intelligence service.

Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crimeware and incorporating advanced tactics to infiltrate, disrupt and destroy systems, the report warned.

Adam Meyers, vice-president of intelligence at CrowdStrike, said the lines between nation-state and cyber crime actors are increasingly blurring, raising the sophistication of threats to a new level.

“Actionable threat intelligence and real-time threat data are crucial in empowering better security and executive decisions,” he said.

Meyers said CrowdStrike’s latest report is aimed at making public and private sector organisations better informed about the tactics, techniques and procedures that attackers are using to enable defenders to allocate the most appropriate defences and resources.

Read more on Hackers and cybercrime prevention

Data Center
Data Management