>
Cybercriminals are becoming more sophisticated by the day, and in many cases these days malware (opens in new tab)-free in their hacking attacks, new research has claimed.
Cybersecurity experts CrowdStrike’s “2023 CrowdStrike Global Threat Report,” based on “data from trillions of daily events” from the CrowdStrike Falcon platform and CrowdStrike Falcon OverWatch products, claims nearly three in four (71%) attacks detected in 2022 were free of malware, up from 62% just a year ago.
Interactive intrusions, which require hands-on keyboard activity, also increased 50% year over year, the researchers said, outlining “how sophisticated human adversaries are increasingly trying to evade anti-virus protection” and outsmart fully automated defense mechanisms.
Increasing sophistication
Also, the average outbreak time is now 84 minutes (compared to 98 minutes a year ago), which means that cybercriminals are getting faster.
CrowdStrike took a closer look at the state of cybercrime and found that the value and demand for identity and access data continues to grow, with an increase of 112% in 2022 over 2021. Cloud usage grew by 95%, while the number of cases involving “cloud crime” aware “threat actors” nearly tripled in the same time frame.
“The past 12 months have brought a unique combination of threats to the forefront of security. Fragmented eCrime groups re-emerged with more sophistication, relentless threat actors bypassed patched or mitigated vulnerabilities, and the feared threats of the Russia-Ukraine conflict masked more sinister and successful traction by a growing number of China-nexus adversaries,” said Adam Meyers , chief of intelligence at CrowdStrike.
“Today’s threat actors are smarter, more sophisticated and better equipped than ever before in the history of cybersecurity. Only by understanding their rapidly evolving skills, techniques and objectives – and by embracing technology fueled by the latest threat intelligence – can companies stay one step ahead of today’s increasingly ruthless adversaries.”
The number of hacking groups is growing at great speeds, according to the researchers, who claim that 33 new adversaries will be introduced by 2022. That was the largest increase the researchers have ever observed in a year, according to the newspaper. Among these threat actors are SCATTERED SPIDER and SLIPPY SPIDER, two groups behind “many recent high-profile attacks” against telecommunications, BPO and technology companies.
In addition, hackers are still using known vulnerabilities and older tools. Log4Shell remains a huge liability, as do ProxyNotShell and Follina.