The report of CrowdStrike provides a comprehensive insight into the current threat landscape and shows which cyberattacks occured this year. In addition to financially motivated cybercrime, which has occurred almost continuously in the past year, CrowdStrike observed an increase in ransomware attacks, various developments in the tactics used and increasing demands for ransom online crime actors. These groups of attackers have also started to exfiltrate data to threaten the publication of embarrassing or proprietary information.
The previous year was not only marked by cybercrime, but also by nation-state attacks that targeted a variety of industries. The telecommunications industry in particular was increasingly targeted by attackers.
Crowdstrike Recommends Effective Rules To Prevent Cyber Attacks
Combating these threats requires a mature process that can prevent, detect and respond to such attacks quickly and flexibly. Crowdstrike recommends companies to follow the 1-10-60 rule to effectively prevent cyberattacks. Detect an intrusion in less than a minute. Analyze within a few minutes. Contain and eliminate the attacker within 1 hour. Organizations that meet these requirements are not only more able to neutralize a potential attacker before they can dig deeper into the system from the point of attack, but could also minimize the impact of an attack on the organization. The threat landscape itself is changing, with malware free attacks increasing and already exceeding the volume of malware attacks. This year’s report shows that an increase in cybercrime can easily disrupt business. It is therefore essential that modern organizations pursue a sophisticated security strategy that includes reliable detection and response as well as controlled threat hunting in order to localize incidents and reduce risks.
Internationally, an extremely large number of companies see their need to catch up when it comes to detecting attacks: 90% feel that their organization should do more to understand attackers. And at least 60 percent believe that there is a connection between better understanding and more competent and sustainable data protection. Some think that their company had experienced attacks on their networks and IT infrastructure in the past year that they were unable to prevent the cybercrime.