CrowdStrike, a Sunnyvale, California-based company specializing in cloud-delivered endpoint and workload protection, has released its 2021 Global Threat Report, detailing the global threat landscape and security best practices to fend off the attacks.
According to the report, eCrime attacks made up 79% of all intrusions. The supply chain has been identified as a major attack vector as it allows malicious actors to propagate multiple downstream targets from a single intrusion. Additionally, the report spotlights how nation-state adversaries infiltrated networks to steal valuable data seeking COVID-19 vaccine research, whereby threat actors have improved strategies to evade detection.
“There is a human being behind every attack, and cyber actors are getting bolder and more astute day-to-day,” said Adam Meyers, senior vice president of intelligence at CrowdStrike. “Additionally, today’s rapidly changing remote work environment highlights that identity protection is central to the defense of any enterprise’s infrastructure. Organizations must take decisive action to control access and protect data in order to outmaneuver adversaries,”
Among other key findings, the healthcare industry will continue to face significant threats from criminal groups as CrowdStrike confirmed 18 Big Game Hunting enterprise ransomware families infected 104 healthcare organizations in 2020.
Adversaries from the Democratic People’s Republic of Korea (DPRK) will be motivated to enhance cyber operations in 2021 due to COVID-19 and a resulting food shortage.
Data extortion techniques are expected to continue to accelerate through the introduction of Dedicated Leak Sites (DLS).
China will focus on supply chain compromises and the targeting of key western verticals in support of the 14th Five Year Plan and the COVID-19 vaccine including academic, healthcare, technology, manufacturing and aerospace.
The Global Threat Report analyzes comprehensive threat data from various sources within Crowdstrike.
The findings suggest supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever.