Content, Channel partners, Content

CrowdStrike 2023 Global Threat Report: Cloud Exploitation Up 95% Year Over Year

Cyber adversaries are increasingly targeting cloud environments as they explore new ways to attack global organizations, according to the 2023 Global Threat Report from CrowdStrike. Cloud exploitation increased 95% year over year in 2022, CrowdStrike reported. Also, the number of cases involving "cloud-conscious" threat actors nearly tripled year over year.

CrowdStrike Report Takeaways

Other key takeaways from CrowdStrike's report include:

  • Cyber adversaries are re-weaponizing and re-exploiting vulnerabilities. Log4Shell continued to "ravage the internet," CrowdStrike indicated. Meanwhile, cybercriminals frequently exploited known and new vulnerabilities like ProxyNotShell and Follina to bypass patches and mitigations.
  • Human adversaries are looking beyond malware to evade antivirus software. Approximately 71% of cyberattacks detected were free of malware, up from 62% one year earlier. In addition, interactive intrusions (cyberattacks involving hands-on-keyboard activity) rose 50% year over year.
  • Cybercriminals are investing in dark web ads. CrowdStrike reported a 112% year-over-year increase in access broker advertisements on the dark web, which highlights the value of and demand for identity and access credentials in the underground economy.
  • Thirty-three new cyber adversaries were discovered. This marks the largest increase in new cyber adversaries found that CrowdStrike has observed over the course of one year.
  • China-linked espionage increased globally. There was a rise in China-linked adversary activity that affected organizations across 39 industry sectors and 20 geographic regions.
  • Threat actors are working faster than ever before. The average eCrime breakout time fell from 98 minutes in 2021 to 84 minutes in 2022.
  • Cybercriminals are using social engineering tactics to target human interactions. Many cyber adversaries used vishing to circumvent multi-factor authentication (MFA) and lure victims to download malware.

Staying Ahead of Cyber Adversaries

The past year has brought a "unique combination of threats to the forefront of security," CrowdStrike Head of Intelligence Adam Meyers said. With a clear understanding of cybercrime tactics, techniques and procedures (TTPs), organizations are well equipped to stay ahead of cyber adversaries and protect against cyberattacks and data breaches.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.