CrowdStrike 2023 Global Threat Report: Resilient Businesses Fight Relentless Adversaries

The CrowdStrike 2023 Global Threat Report, among the most trusted and comprehensive research on the modern threat landscape, explores the most significant security events and trends of the previous year, as well as the adversaries driving this activity.

The latest edition of the CrowdStrike Global Threat Report comes at a critical time for organizations around the world. Adversaries have become more sophisticated, relentless and destructive in their attacks, as evidenced by the emergence of several trends in 2022 that threaten enterprise productivity and global stability. It is imperative that businesses pay attention to these changes in the threat landscape and respond with a stronger, more proactive defense.

Nation-state activity was front and center throughout 2022. The year started ominously as Russia’s deadly war of aggression in Ukraine brought about a terrible human toll, threatened international order and put countless global organizations at risk of spillover cyberattacks. China state-nexus adversaries accelerated their cyber espionage campaigns throughout the year, and Iranian actors launched destructive “lock-and-leak” operations using ransomware.

Adversaries continued to adapt and refine their techniques, which included re-weaponizing vulnerabilities, a greater focus on cloud exploitation and a rise in malware-free attacks. We saw a dramatic increase in advertisements from access brokers, who acquire access to organizations and provide or sell it to other actors, including ransomware operators. CrowdStrike Intelligence identified a significant increase in access broker activity throughout 2022, with more than 2,500 advertisements identified — a 112% jump from 2021. An especially popular tactic was the abuse of compromised credentials acquired via information stealers or purchased on the criminal underground, reflecting a growing interest in targeting identities that we also saw last year: Our 2022 report found 80% of cyberattacks leveraged identity-based techniques.

In 2022, CrowdStrike Intelligence began tracking 33 new actors, raising the total number tracked to more than 200. Stopping breaches requires an understanding of these adversaries, including their motivations and the techniques they use to target organizations. Below are some of the trends and findings we explore in greater detail throughout this year’s report:

  • 71% of attacks detected were malware-free (up from 62% in 2021) and interactive intrusions (hands-on-keyboard activity) increased 50% in 2022 – Outlining how sophisticated human adversaries increasingly look to evade antivirus protection and outsmart machine-only defenses.
  • 112% year-over-year increase in access broker advertisements on the dark web – Illustrating the value of and demand for identity and access credentials in the underground economy.
  • Cloud exploitation grew by 95% and the number of cases involving ‘cloud-conscious’ threat actors nearly tripled year-over-year – More evidence adversaries are increasingly targeting cloud environments.
  • Adversaries are re-weaponizing and re-exploiting vulnerabilities – Spilling over from the end of 2021, Log4Shell continued to ravage the internet, while both known and new vulnerabilities like ProxyNotShell and Follina – just two of the more than 900 vulnerabilities and 30 zero-days Microsoft issued patches for in 2022 – were broadly exploited as nation-nexus and eCrime adversaries circumvented patches and sidestepped mitigations.
  • eCrime actors moving beyond ransom payments for monetization – 2022 saw a 20% increase in the number of adversaries conducting data theft and extortion campaigns.
  • China-nexus espionage surged across all 39 global industry sectors and 20 geographic regions tracked by CrowdStrike Intelligence – Rise in China-nexus adversary activity shows that organizations across the world and in every vertical must be vigilant against the threat from Beijing.
  • Average eCrime breakout time is now 84 minutes – This is down from 98 minutes in 2021, demonstrating the extensive speed of today’s threat actors.
  • The cyber impact of the Russia-Ukraine war was overhyped but not insignificant – CrowdStrike saw a jump in Russia-nexus adversaries employing intelligence gathering tactics and even fake ransomware, suggesting the Kremlin’s intent to widen targeting sectors and regions where destructive operations are considered politically risky.
  • An uptick in social engineering tactics targeting human interactions – Tactics such as vishing, which directs victims to download malware, and SIM swapping, which circumvents multifactor authentication (MFA).

CrowdStrike: Stopping Breaches So Customers Can Move Forward

The 2023 Global Threat Report shows security must parallel the slope of technology innovation. As enterprise technology matures, security must also evolve to match the sophistication of the technology organizations rely on. This slope of innovation applies to adversary activity as well: With every innovation we achieve, we can expect adversaries to seek new ways to exploit it.

At CrowdStrike, our mission today is the same as when we started: to stop breaches so our customers can move forward. Our focus is on delivering the platform, technology and intelligence needed to keep you ahead of the adversary. This is why we’ve unified and delivered critical protections like endpoint and extended detection and response, identity threat protection, cloud security, vulnerability and risk management, threat intelligence and much more — all from a single platform.

DOWNLOAD THE CROWDSTRIKE 2023 GLOBAL THREAT REPORT

The report will be extremely useful for organizing further joint work to protect the world from those who wish to do harm. Security starts with knowing who the enemies are that are targeting us, their tactics, and the vulnerabilities they will try to exploit. With this knowledge comes determination, the confidence that together we can win.

iIT Distribution is a provider of the most advanced solutions and tools for building and maintaining IT infrastructure. We work closely with our partners to meet the needs of end customers and provide a full range of project support services.
