Findings, trends and recommendations for action
Global Threat Report 2023: Turning trends into active opportunities
Each year, CrowdStrike® publishes the Global Threat Report to highlight relevant cyberattacks, events and attack scenarios from the previous year. For those who do not wish to download the full report, we have summarized the key findings and some tips:
Increasing professionalization of cyberattacks
Cyber attackers continue to focus on already known vulnerabilities and attack them repeatedly using new techniques and advanced technologies.
Approximately 71% of the attacks observed by CrowdStrike were malware-free, and the eCrime breakout time (the time it takes attackers to threaten other systems on a network from the initial attack point) averages 1 minute and 24 seconds. This shows that attackers are looking for the weakest link in the chain and are using increasingly effective methods to reach their target faster and faster. Actively fixing vulnerabilities is therefore one of the most effective protective measures against the weaknesses that allow attackers to move on quickly. At the same time, the number of cloud exploit incidents, i.e. attacks in which vulnerabilities in cloud services are exploited, has risen by 95%, so cloud services are increasingly the focus of attackers. Conversely, this means that the skills and capacities for the secure use and integration of cloud services are becoming increasingly important.
"Cyber attacks and the actors behind them are becoming increasingly sophisticated and effective. We must be aware that the procedures and techniques will continue to become more professional in the future. This increases the risk of becoming a victim of a cyber attack ourselves.
Only through the competent use of comprehensive security systems and new technologies, coupled with the continuous development of know-how, can companies secure an important lead in terms of information and cyber security."
says Harald Erkinger, CEO of CIS.
Standstill not an option
Companies must therefore constantly deal with their "blind spots," illuminate them, and take appropriate action precisely there. In the area of management systems, we often speak of a CIP (continuous improvement process).
We have summarized some tips for you here:
Exposing weak points
Whether with the help of a management system, internal scans, external penetration tests, or a fictitious attack (Red Team vs. Blue Team), get an overview of your weaknesses, because it is precisely these that potential attackers focus on. Learn from mistakes and risks and turn them into opportunities for you!
Keep searching / Practice, practice, practice
Detection and defense technologies are essential today. At the same time, the best system provides little added value if the employees are not trained accordingly, both in proactive handling and for a scenario in which the emergency has already occurred.
Cloud security: high priority
Corresponding standards, such as ISO 27018, promote the protection of personal data in cloud services by setting more specific requirements regarding implementation and compliance for service providers.
Sensitize employees to "social engineering"
Social engineering tactics are also on the rise. These aim to exploit human characteristics such as helpfulness or trust. Even if many mechanisms are already known, it remains essential to handle data responsibly (e.g. in social networks), to be careful with unknown senders, and to be cautious about disclosing confidential information.