CrowdStrike sees lines blur

The lines between nation-state sponsored attack groups and criminals are blurring, with both groups utilising similar tactics such as fileless malware and “living off the land” techniques involving processes native to the Windows operating system, including PowerShell and WMI (Windows Management Instrumentation).

The trend has been revealed in CrowdStrike’s Annual Cyber Intrusion Services Casebook, covering its information on attacks.

The report also notes that the number of days between the first evidence of a compromise and its initial detection (the dwell time) is now 86 days, and that malware is often self-propagating, using variants to spread once a system is infected.

However, it also reports that companies are getting better at self-detection, with the breach identified internally in 68 per cent of the reviewed cases. This represents an 11 per cent increase over prior years.
