On Tuesday, CrowdStrike released its 2023 Global Threat Report, which revealed that the company is now tracking more than 200 adversaries, after identifying 33 new threat actors and campaigns in 2022. Of the 33, 14 were brand new adversaries or activity, while the rest were linked to prior activity. The list included 20 cybercriminal adversaries, a Russia-linked group, and the first Syrian state-sponsored group.
CrowdStrike’s analysis of the threat landscape in 2022 also showed that cloud exploitation cases increased by 95%, while attacks are increasingly becoming ‘malware free’ — attackers in many cases abused valid credentials and vulnerability exploitation for initial access rather than malware. Initial access brokers were in high demand last year, with an increase of 112% in the number of ads for such services on the dark web. There was also an increase in cybercrime operations, with the breakout time — the time it takes hackers to move from the initially compromised host to a different host within the victim’s network — decreasing from 98 minutes in 2021 to 84 minutes in 2022.
When it comes to state-sponsored activity, China was the most active last year. CrowdStrike also confirmed the findings of other security firms regarding the cyber impact of the Russia-Ukraine war, saying that while Russia’s attacks were not insignificant, their impact was smaller than many expected.
In conclusion, the 2023 Global Threat Report from CrowdStrike reveals a concerning uptick in the number of adversaries, cloud exploitation, malware-free attacks, initial access brokers, cybercrime operations, and state-sponsored activity. It also confirms that the cyber impact of the Russia-Ukraine war was less than initially anticipated.
Key Points:
• CrowdStrike identified 33 new threat actors and campaigns in 2022, 14 of which were brand new adversaries or activity.
• Cloud exploitation cases increased by 95%, and attacks are increasingly becoming ‘malware free’.
• Initial access brokers were in high demand last year, with an increase of 112% in the number of ads for such services on the dark web.
• China was the most active state-sponsored actor last year.
• The cyber impact of the Russia-Ukraine war was less than initially anticipated.