Ransomware-connected knowledge leaks surged by 82% year-on-12 months in 2021, but most cyber-attacks concerned no malware at all, according to a new report from CrowdStrike.
The security company’s 2022 World Danger Report was compiled from an examination of its personal incident response engagements and security telemetry.
It discovered that 62% of attacks were being compromised of “non-malware, hands-on-keyboard action.” That implies danger actors use legitimate credentials to entry networks and then “living off the land” tactics to achieve lateral motion when within.
These ways aid them bypass detection by legacy applications, but not current network checking and other habits-based mostly security.
These techniques may partly clarify the surge in highly specific ransomware attacks against high-benefit corporations, recognised as “big-sport searching.” CrowdStrike said the range of these attacks leading to knowledge leaks rose from 1474 in 2020 to 2686 very last calendar year. This amounts to above 50 qualified ransomware functions per 7 days.
The industrial and engineering sector was most commonly strike, accounting for just about 400 attacks very last year, adopted by producing and then the technology vertical.
Their adversaries have also been ramping up the pressure economically. CrowdStrike noticed that ransomware-connected needs averaged $6.1m per incident, up 36% from 2020.
CrowdStrike CEO George Kurtz argued that organization risk coalesces all around a few locations: endpoints and cloud workloads, identity and knowledge.
“Threat actors proceed to exploit vulnerabilities throughout endpoints and cloud environments, and ramp up innovation on how they use identities and stolen qualifications to bypass legacy defenses – all to achieve their purpose, which is your data,” he ongoing.
“As adversaries advance their tradecraft in this way to bypass legacy security options, autonomous device understanding by itself is not very good ample to stop focused attackers.
Some components of this post are sourced from: