CrowdStrike Global Threat Report Reveals Increase in Ransomware

Financially motivated cybercrime activity occurred on a nearly continuous basis in 2019. That’s according to CrowdStrike, a Sunnyvale, California-based endpoint protection vendor, which has released its 2020 CrowdStrike Global Threat Report.

CrowdStrike observed an increase in incidents of ransomware, maturation of the tactics used, and increasing ransom demands from cybercriminals. Increasingly these actors have begun conducting data exfiltration, enabling the weaponization of sensitive data through threats of leaking embarrassing or proprietary information.

Meanwhile, nation-state adversaries continued unabated throughout 2019, targeting a wide range of industries. Another key trend in this year’s report is the telecommunications industry being targeted with increased frequency by threat actors, such as China and North Korea.

“2019 brought an onslaught of new techniques from nation-state actors and an increasingly complex eCrime underground filled with brazen tactics and massive increases in targeted ransomware demands,” said Adam Meyers, vice president of Intelligence at CrowdStrike.

Other notable highlights from the 2020 Global Threat Report include:

• The trend toward malware-free tactics accelerated, with malware-free attacks surpassing the volume of malware attacks. In 2019, 51% of attacks used malware-free techniques compared to 40% using malware-free techniques in 2018.
• China continues to focus many operations on supply chain compromises. Other targeted U.S. industries include clean energy, healthcare, biotechnology, and pharmaceuticals.
• The industries at the top of the target list for enterprise ransomware were local governments and municipalities, academic institutions, the technology sector, healthcare, manufacturing, financial services and media companies.

The Global Threat Report analyzes threats based, in part, from the company’s database technology processing over 3 trillion events per week across 176 countries.

Channel Impact^®
CrowdStrike recommends that organizations develop the capability to detect intrusions in under one minute, investigate in 10 minutes, and contain/eliminate the adversary in 60 minutes.