Press release
2023 CrowdStrike Global Threat Report Reveals Sophisticated Adversaries Re-exploiting and Re-weaponizing Patched Vulnerabilities and Moving Beyond Ransomware
Emerging threat actors and increasing China-nexus activity drive a surge in identity and cloud threats, an uptick in social engineering, and faster breakout
About this update from Crowdstrike Holdings, Inc.
[{"type":"text","content":"\nEmerging threat actors and increasing China-nexus activity drive a surge in identity and cloud threats, an uptick in social engineering, and faster breakout times\n\n AUSTIN, Texas--(BUSINESS WIRE)--\nCrowdStrike (Nasdaq: CRWD), today announced the release of 2023 CrowdStrike Global Threat Report – the ninth annual edition of the cybersecurity leader’s seminal report on the evolving behaviors, trends and tactics of today’s most feared nation-state, eCrime and hacktivist threat actors around the world. Now tracking the activities of 200+ adversaries – including 33 new adversaries identified in the past year alone – the report found a surge in identity-based threats, cloud exploitations, China-nexus espionage and attacks that re-weaponized previously patched vulnerabilities.\nThis press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230228005546/en/CrowdStrike Adversary Naming Conventions (Graphic: Business Wire)\nThe annual report is created by the world-renowned CrowdStrike Intelligence team, leveraging data from trillions of daily events from the CrowdStrike Falcon platform and insights from CrowdStrike Falcon OverWatch. Key highlights from this year’s report include:\n\n\n71% of attacks detected were malware-free (up from 62% in 2021) and interactive intrusions (hands on keyboard activity) increased 50% in 2022 – Outlining how sophisticated human adversaries increasingly look to evade antivirus protection and outsmart machine-only defenses.\n\n\n112% year-over-year increase in access broker advertisements on the dark web – Illustrating the value of and demand for identity and access credentials in the underground economy.\n\n\nCloud exploitation grew by 95% and the number of cases involving ‘cloud-conscious’ threat actors nearly tripled year-over-year – More evidence adversaries are increasingly targeting cloud environments.\n\n\n33 new adversaries introduced – The biggest increase CrowdStrike has ever observed in one year – including the highly prolific SCATTERED SPIDER and SLIPPY SPIDER behind many recent high-profile attacks on telecommunication, BPO, and technology companies.\n\n\nAdversaries are re-weaponizing and re-exploiting vulnerabilities – Spilling over from the end of 2021, Log4Shell continued to ravage the internet, while both known and new vulnerabilities like ...