China, North Korea, Iran behind bulk of state-sponsored attacks

The countries have been identified as the most active state sponsors of malicious activity.

Cyber security company CrowdStrike has released an annual threat hunting report, which has identified a 60 per cent increase in attempted intrusions spanning all industry verticals and geographic regions.

The findings, collected by threat hunting team Falcon OverWatch, also suggest that cyber actors are manipulating networks more efficiently, with the average breakout time – the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network – reducing to just one hour 32 minutes, a threefold drop from 2020.

Cyber criminals are also exploring alternatives to malware, with 68 per cent of detections malware-free.

Alarmingly, China, North Korea and Iran were the most active state sponsors of cyber attacks, representing the majority of targeted intrusions.

Other findings include:

  • a surge in interactive intrusion activity targeting the telecommunications industry;
  • WIZARD SPIDER was the most prolific cyber criminal, responsible for nearly double the number of attempted intrusions of any other eCrime group; and
  • a 100 per cent increase in instances of cryptojacking in interactive intrusions year-over-year, correlating with increases in cryptocurrency prices.

“Over the past year, businesses faced an unprecedented onslaught of sophisticated attacks on a daily basis,” Param Singh, vice president of Falcon OverWatch, CrowdStrike, said.

Read the article by Charbel Kadib in Defence Connect.