“The 2024 edition of the CrowdStrike Global Threat Report comes at a crucial time for our global protector community. The speed and ferocity of cyberattacks continue to accelerate as opponents narrow the time between initial entry, lateral movement and breach. At the same time, the rise of generative AI has the potential to reduce the entry barrier for low-skilled adversaries, facilitating the launch of attacks that are more sophisticated and cutting-edge,” said George Kurtz, co-founder and CEO of CrowdStrike.
The “CrowdStrike Global Threat Report”, now in its tenth edition, reported the biggest threats on the horizon by 2024, including the disruption of world elections and the exploitation of generative AI to reduce the barrier of entry and launch more sophisticated attacks. Some key findings include:
- Dramatic increase in the speed of attacks: The speed of cyber attacks continues to accelerate at an alarming rate. The report indicates that the average time of escape has been reduced to only 62 minutes, compared to 84 the previous year (and the fastest attack recorded was 2 minutes and 7 seconds). Once initial access was obtained, it took an adversary only 31 seconds to release the initial discovery tools in an attempt to compromise the victims.
- Stealth attacks increase as opponents compromise credentials: report notes sharp increase in interactive intrusions and manual keyboard activity (60%) as adversaries increasingly exploit stolen credentials to gain initial access to target organizations.
- Adversaries follow as companies move to the cloud: adversaries turned their gaze to the cloud through valid credentials, creating a challenge for advocates looking to differentiate between normal and malicious user behavior. The report shows that cloud intrusions increased by 75% overall and cloud-related cases amplified by 110% year-over-year.
- Exploiting generative AI on the horizon: In 2023, CrowdStrike observed nation-state actors and hacktivists experimenting with and seeking to abuse generative AI to democratize attacks and reduce the entry barrier for more sophisticated operations. The report highlights how generative AI is likely to be used for cyber activities in 2024 as technology continues to gain popularity.
“The speed and ferocity of cyberattacks continue to accelerate as opponents narrow the time between initial entry, lateral movement and breach”.
–George Kurtz
- Disrupting democracy by focusing on global elections: With more than 40 democratic elections scheduled for 2024, the adversaries of states-electronic crime will have numerous opportunities to alter the electoral process or influence voter opinion. It is very likely that the nation-state actors of China, Russia and Iran will carry out misinformation or misinformation operations to sow disturbances in a context of geoconflicts and global elections.
“Throughout 2023, CrowdStrike observed unprecedented stealth operations by blatant electronic crime groups, sophisticated nation-state actors and hacktivists targeting companies from all sectors around the world. Rapidly evolving adverse techniques focused on both cloud and identity at unprecedented speed, while threat groups continued to experiment with new technologies, such as GenAI, to increase the success and pace of their malicious operations”, said Adam Meyers, chief of operations against adversaries at CrowdStrike.
“To defeat relentless adversaries, organizations must adopt a platform approach, driven by intelligence and threat hunting, to protect identity, prioritize cloud protection and provide comprehensive visibility of business risk areas”, recommended.
