A 583 percent increase in Kerberoasting identity attacks and 3x spike in malicious use of legitimate RMM tools take center stage, while adversary breakout time hits a record low
AUSTIN, Texas & LAS VEGAS--(BUSINESS WIRE)-- BLACK HAT USA -- CrowdStrike (Nasdaq: CRWD), today announced the release of the CrowdStrike 2023 Threat Hunting Report. The company’s sixth annual edition of the report, which covers attack trends and adversary tradecraft observed by CrowdStrike’s elite threat hunters and intelligence analysts, revealed a massive increase in identity-based intrusions, growing expertise by adversaries targeting the cloud, a 3x spike in adversary use of legitimate remote monitoring and management (RMM) tools, and a record low in adversary breakout time.
Covering adversary activity between July 2022 and June 2023, the report is the first to be published by CrowdStrike’s newly unveiled Counter Adversary Operations team, which was officially announced this week at Black Hat USA 2023.
Key findings from the report include:
“In our tracking of over 215 adversaries in the past year, we have seen a threat landscape that has grown in complexity and depth as threat actors pivot to new tactics and platforms, such as abusing valid credentials to target vulnerabilities in the cloud and in software,” said Adam Meyers, head of Counter Adversary Operations at CrowdStrike. “When we talk about stopping breaches, we cannot ignore the undeniable fact that adversaries are getting faster and they are employing tactics intentionally designed to evade traditional detection methods. Security leaders need to ask their teams if they have the solutions required to stop lateral movement from an adversary in just seven minutes.”
Additional Resources
About CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.
CrowdStrike: We stop breaches.
Learn more: https://www.crowdstrike.com/ Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram Start a free trial today: https://www.crowdstrike.com/free-trial-guide/
© 2023 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230808674757/en/
Kevin BenacciCrowdStrike Corporate Communicationspress@crowdstrike.com
Source: CrowdStrike