Cyberperps exploit supply chains, double down on COVID-19

Cybercrime attacks made up 79% of all hands-on-keyboard intrusions uncovered by CrowdStrike Falcon OverWatch, the firm’s expert team of threat hunters, according to its 2021 Global Threat Report.

A popular vector for cyber criminals is the supply chain, as it allows malicious actors to propagate to multiple downstream targets from a single intrusion.

The Global Threat Report analyzes comprehensive threat data from CrowdStrike’s Falcon Intelligence, Falcon OverWatch, Threat Graph (a massively scalable, cloud-native graph database technology processing 5 trillion events per week across 176 countries) and CrowdStrike Services, providing readers with deep insights on modern adversaries and their tactics, techniques, and procedures.

Additionally, the report spotlights how nation-state adversaries infiltrated networks to steal valuable data on COVID-19 vaccine research, and how threat actors have improved their strategies to evade detection and camouflage themselves in networks, many times deceiving their targets.

“There is a human being behind every attack, and cyber actors are getting bolder and more astute day-to-day,” said Adam Meyers, SVP of intelligence at CrowdStrike. “As such, it’s critical to employ comprehensive cloud-native technology for increased visibility and prevention capabilities including threat intelligence and expert threat hunting to stay one step ahead of modern-day attacks.”

Meyers added that today’s rapidly changing remote work environment highlights that identity protection is central to the defense of any enterprise’s infrastructure. Organisations must take decisive action to control access and protect data to outmaneuver adversaries.

The report also found that the healthcare industry will continue to face significant threats from criminal groups, as CrowdStrike Intelligence confirmed that 18 Big Game Hunting enterprise ransomware families infected 104 healthcare organizations in 2020.

Adversaries from North Korea will be motivated to enhance cyber operations in 2021 due to COVID-19 and a resulting food shortage.

Data extortion techniques will continue to accelerate through the introduction of Dedicated Leak Sites (DLS). China will focus on supply chain compromises and the targeting of key western verticals, including academic, healthcare, technology, manufacturing, and aerospace, in support of the 14th Five Year Plan and the COVID-19 vaccine.