A report by CrowdStrike revealed that malicious actors are intruding past cyber defenses faster. In 2022, the average breakout time was 79 minutes. In 2023, security leaders only had 62 minutes to secure against intrusions and minimize damage.
Interactive invasions, or hands-on-keyboard activity, saw a 60% increase. Among attacks that granted cybercriminals initial access, 75% did not use malware. This suggests an increase in methods such as social engineering, deployment of access brokers and supply chain targeting.
The most targeted sectors were technology and financial services. Adversaries such as Fancy Bear, Scattered Spider and Cozy Bear targeted Microsoft platforms such as Outlook and Excel in order to bypass defenses of organizations in hospitality, technology and government sectors.
Cybercriminals also use the cloud to carry out their attacks. 2023 saw successful cloud attacks increase by 75%, with a 110% year-over-year rise in cloud-conscious instances.
The report tracked over 232 adversaries in 2023. 34 new arrivals emerged last year, including Watchful Sphinx in Egypt. It is expected that these adversaries will expand their operations in 2024, highlighting the need for security leaders to be vigilant against evolving threats.