This week, CrowdStrike published their 8th annual Global Threat Report showing a massive increase in ransomware-related data leaks. There were nearly 2,700 attacks in 2021, compared to fewer than 1,500 in 2020 – an 82% increase in just one year.
That’s an eye-popping stat, albeit not a surprising one for those in the cybersecurity industry who’ve had to deal first-hand with the trend the last few years. This “business” (hackers are operating more and more like legitimate firms, even offering customer support) is generating outsized profits, so of course it’s growing. Furthermore, like it or not, affected companies are ponying up.
More surprising from the report is another stat: the majority of attacks, 62%, are malware-free. That means threat actors initially aren’t “breaking in” to gain access. They’re letting themselves in disguised as normal users, taking advantage of OS vulnerabilities or compromised credentials, then moving laterally undetected to wreak havoc.
“More surprising from the report is another stat: the majority of attacks, 62%, are malware-free.”
As George Kurtz, CrowdStrike CEO, points out in his recent CNBC interview, it’s why eliminating trust in environments is so crucial nowadays. Whether it’s a laptop, cloud workload, or server, each should be an “armored system” that doesn’t implicitly trust interactions with the others. Furthermore, enterprises need advanced monitoring and detection that moves beyond malware, with the capability of identifying attackers “living off the land.”
I recommend watching the interview below for a high-level discussion of the research and downloading the full report for an in-depth read.
Highlights from the interview: