Intelligent CIO North America Issue 37 | Page 29

move laterally from initial compromise to other hosts in the victim environment fell from the previous all-time low of 84 minutes in 2022 to a record 79 minutes in 2023. Additionally, the fastest breakout time of the year was recorded at just seven minutes.
• The financial industry saw a stunning 80% YoY increase in interactive intrusions: Defined as intrusions that use hands-on keyboard activity, interactive intrusions were up 40% overall.
• Access Broker advertisements increase by 147% on criminal or underground communities: Ready access to valid accounts for sale lowers the barrier to entry for eCrime actors looking to conduct criminal operations and allows established adversaries to hone their post-exploitation tradecraft to achieve their objectives with more efficiency.
• 3x increase in adversary use of Linux privilege-escalation tool to exploit cloud environments: CrowdStrike witnessed a threefold increase in use of the Linux tool linPEAS, which adversaries use to gain access to cloud environment metadata, network attributes, and various credentials that they can then exploit.
“In our tracking of over 215 adversaries in the past year, we have seen a threat landscape that has grown in complexity and depth as threat actors pivot to new tactics and platforms, such as abusing valid credentials to target vulnerabilities in the cloud and in software,” said Adam Meyers, Head of Counter Adversary Operations at CrowdStrike.
“When we talk about stopping breaches, we cannot ignore the undeniable fact that adversaries are getting faster and they are employing tactics intentionally designed to evade traditional detection methods. Security leaders need to ask their teams if they have the solutions required to stop lateral movement from an adversary in just seven minutes.”
About CrowdStrike
CrowdStrike, a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.