CrowdStrike has just released its threat hunting report for the first half of 2020. In a year that has seen an unprecedented opportunity for cybercrime, the report is even more eagerly anticipated than ever. The report provides a summary of threat hunting findings, highlighting intrusion trends and giving insights into the current landscape.
CrowdStrike’s threat hunting report is managed by a team of cross-disciplinary specialists. The team uses CrowdStrike threat intelligence to continually hunt, investigate and advise of advanced threat activity in consumer environments. They relentlessly hunt for anomalous novel attacks that evade standard detection.
The report aims to review intrusion trends during the first half of 2020, providing insights into the threat landscape, tactics being used by adversaries and recommendations for how to prevent attacks. In a year that has been heavily impacted by a sudden and dramatic rise in our remote workforce environment due to COVID-19, the report aims to deliver insights that can inform our security strategies in the months ahead.
The most recent report from CrowdStrike holds true to its usual purpose of finding threats that standard technology can’t. However, in this 2020 mid-year report, the methodology behind its human-driven hunting methodology has been unveiled. SEARCH, as the technique has been coined, uses techniques to sense, enrich, analyse, reconstruct, communicate and hone. By using SEARCH, the CrowdStrike team can sift through to find the faintest traces of malicious activity, detect threats at scale and leave adversaries with nowhere to hide.
This time around, the report naturally focuses on the global pandemic and how the threat landscape has shifted, opening new avenues of attack due to the rapid adoption of remote working. It looks at the industries that have seen the most significant shifts in activity and the motives behind these attacks. Finally, the report highlights key steps that you can take to try to protect your organisations in the current landscape.
The threat landscape has been unpredictable this year as we have faced unprecedented circumstances. And, the opportunistic nature of attacks has shown that every industry has vulnerabilities. The report highlights that cyber threats are fundamentally aligned with economic and political forces, with industries being targeted in their moment of weakness.
Amongst the chaos that 2020 has brought us, the mid-year report has delivered some notable findings:
The report clearly demonstrates that cybercriminals carefully watch their victims’ environments and are able to pivot to take advantage of emerging opportunities. Moreover, the threat landscape is intrinsically linked to the global economy.
First and foremost, every business needs to be aware that adversaries are tuned in to their operating environments and are ready to strike when vulnerabilities expose themselves. In a time of significant business change, organisations must be prepared to defend their environments. Recommendations from the report include:
In the remainder of 2020, we can expect to see an ongoing development of techniques as cyber threat actors continue to innovate in a rapidly changing landscape. Organisations must work to secure their dispersed workforce in a sustainable and scalable way if they are to protect their data, their users and their businesses.