CrowdStrike’s annual Global Threat Report for 2024 was released on Wednesday, revealing concerning statistics about the increasing risks in the cyberthreat landscape. The report, which focuses on emerging trends in the cyberthreat landscape, highlights a significant uptick in attacks involving the cloud environment.
The report indicates a 75% increase in cloud environment intrusions in 2023 compared to 2022, signaling a troubling trend in cybersecurity. In addition, cloud-conscious casesinstances where threat actors intentionally target cloud workloadsincreased by a staggering 110%, indicating a heightened focus on infiltrating cloud systems. Furthermore, the report reveals that 84% of cloud-conscious intrusions attributed to threat actors were focused on financially motivated cybercrime, shedding light on the motives behind these attacks.
Scattered Spider, a notorious ransomware actor responsible for high-profile attacks against companies such as Okta, Caesars Entertainment, and MGM Resorts, was identified as being behind 29% of the cloud-conscious intrusions observed in 2023. According to the report, Scattered Spider demonstrated advanced tradecraft within targeted cloud environments, maintaining persistence, obtaining credentials, moving laterally within systems, and exfiltrating data.
Another concerning trend highlighted in the report is the rise of data extortion attacks, which involve the theft of data without using ransomware to encrypt victim data. The report notes a 76% increase in the number of victims named on “big game hunting” dedicated leak sites between 2022 and 2023, indicating a significant shift towards this type of cybercrime.
Other notable data points from the report include a 73% increase in hands-on attacks (interactive intrusions) in the second half of 2023 compared with the second half of 2022, a decrease in the average breakout time from 79 minutes in 2022 to 62 minutes in 2023, and a rise in malware-free activity such as identity-based attacks representing 75% of detections in 2023.
In addition to cyberthreat trends, the report also delves into ongoing geopolitical crises, specifically the Israel-Hamas conflict. CrowdStrike observed Iranian actors targeting Israeli entities, reflecting a concerning escalation of cyber activity in the context of the conflict.
Looking ahead, the report offers predictions related to global elections in 2024. With 55 countries representing more than 42% of the global population participating in elections this year, including India, the U.S., Russia, Mexico, Iran, Taiwan, and others, CrowdStrike anticipates a continuation of information operations and hacktivism targeting election-related entities.
Overall, CrowdStrike’s 2024 Global Threat Report provides a comprehensive overview of the evolving cybersecurity landscape, offering valuable insights to help organizations and individuals better understand and prepare for the increasing threats posed by cybercriminals. As cybersecurity continues to be a critical concern, the findings of the report underscore the importance of vigilance and proactive measures to safeguard digital assets and infrastructure from malicious actors.