Content, Channel partners, Content

CrowdStrike Report: eCrime Actors Drove Cyber Intrusions in 2020

Share

Approximately 80 percent of cyber intrusions uncovered in 2020 were linked to eCrime actors, according to the CrowdStrike 2021 Global Threat Report. eCrime actors also look poised to increasingly launch cyberattacks against global organizations this year.

In addition, CrowdStrike's report highlighted various cyber threat trends, including:

1. Cybercriminals Use Coronavirus (COVID-19) Themes to Attack Healthcare Organizations

COVID-19 phishing campaigns and lures were frequently used in 2020. eCrime and targeted intrusion adversaries have often attacked the healthcare sector throughout the pandemic, and this trend could continue throughout 2021.

2. StellarParticle Adversaries Eye Supply Chain Attacks

Cybercriminals used the StellarParticle activity cluster to distribute and install malicious code during SolarWinds Orion supply chain attacks. StellarParticle actors may launch supply chain attacks that pose risks to organizations across all sectors this year.

3. Big Game Hunters Leverage Data Extortion

Big game hunters are "a pervasive threat to companies worldwide across all verticals," CrowdStrike noted. They have been commonly using data extortion to pressure victims to make ransom payments.

4. Rising Use of Access Brokers

Many big game hunter actors and ransomware attackers are using access brokers during their cyberattacks. Access brokers typically gain backend access to corporations, government entities and other organizations and sell this access via criminal forums or private channels.

5. Malware Obfuscation Integrated into Build Processes

Hackers are using open-source tools to build processes that protect and obfuscate their malicious payloads. However, this tactic may not be widely adopted by less sophisticated threat groups, CrowdStrike indicated.

Furthermore, CrowdStrike offered the following recommendations to help organizations address potential weaknesses before they can be leveraged by attackers:

  • Maintain visibility across all IT environments
  • Use multi-factor authentication and privilege access management processes
  • Conduct continuous threat hunting
  • Collect and analyze threat intelligence
  • Establish a cybersecurity policy that accounts for remote workers

A culture of cybersecurity can help organizations combat cyberattacks as well, CrowdStrike said. This culture promotes cybersecurity education and training and ensures all personnel can work together to minimize cyber risk.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.