Cybercriminals have been busy beavers during the pandemic, according to a new report from cybersecurity firm CrowdStrike.
The company found that cyberattacks conducted via hands-on keyboard activity made up almost four fifths (79%) of all intrusions in the past year. The time taken for attackers to cause serious damage also fell dramatically from 2019 to 2020, with the average “breakout time” (how long it takes for an attacker to start moving beyond the initial beachhead) now just four hours and 28 minutes.
Furthermore, with Covid-19 very much still being a thing, the healthcare industry is perceived as a lucrative target. CrowdStrike Intelligence confirmed 18 ‘Big Game Hunting’ enterprise ransomware families that managed to infect more than a hundred healthcare organizations last year.
Cloud-native could be the answer
The report went on to highlight a number of other potential threats over the coming months as the world tries to return to normal.
Breaking the threat landscape down geographically, CrowdStrike believes China will remain mostly focused on supply chain compromises against western companies, as it looks to steal valuable intelligence on Covid-19 technology, the vaccine, and its manufacturing and distribution.
The company also highlighted a food shortage in North Korea caused directly by the pandemic, and warned this may force cybercriminals into enhancing their operations this year.
The introduction of Dedicated Leak Sites (DLS) and data extortion techniques is also expected to give attackers a number of new attack vectors.
But of all the different attack types and styles, targeting the supply chain has become quite popular, mostly due to the fact that a single breach allows criminals access to multiple targets.
CrowdStrike is now urging businesses to ensure the security of their data by employing comprehensive cloud-native technology. It should allow them increased visibility and prevention capabilities, which include threat intelligence and expert threat hunting.
“(T)oday’s rapidly changing remote work environment highlights that identity protection is central to the defense of any enterprise’s infrastructure,” said Adam Meyers, senior VP of intelligence at CrowdStrike.
“Organizations must take decisive action to control access and protect data in order to outmaneuver adversaries.”