
CrowdStrike Services Cyber Front Lines Report reveals widespread remote work has broad-reaching effects on cyber security

Report reveals 68% of organisations that fell victim to an intrusion experienced an additional intrusion attempt, and traditional anti-virus solutions failed in 40% of observed incidents.

Sunnyvale, Calif., 19 Jan 2021

CrowdStrike, a leader in cloud-delivered endpoint and workload protection, today announced the release of the annual CrowdStrike Services Cyber Front Lines Report, which brings together the insights and observations of CrowdStrike’s global incident response (IR) and proactive services teams in 2020. The report not only provides an in-depth look into how adversaries are adapting to today’s realities, but also offers recommendations for organisations to improve their cyber security readiness in 2021.

The CrowdStrike Services Cyber Front Lines Report reveals the broad-reaching impact remote work has had on cyber security, as corporate networks around the world were turned inside out to accommodate remote workers. This, in turn, had dramatic effects on how attackers targeted organisations and how defenders reacted, especially with the accelerated adoption of cloud infrastructure.

Notable findings include:

  • Intrusions are no longer a one-time event. The CrowdStrike Services team observed organisations that experienced an intrusion and then leveraged CrowdStrike to manage their endpoint protection and remediation efforts moving forward. CrowdStrike identified that 68% of those organisations experienced another intrusion attempt, which was prevented.
  • Buying technology alone is not enough without full configuration and deployment. In at least 30% of incident response engagements, CrowdStrike observed the organisation’s anti-virus solutions were either incorrectly configured with weak prevention settings or not fully deployed across the environment, which may have been a factor in the threat actor gaining and maintaining access. Anti-virus solutions failed to provide protection in 40% of the incidents CrowdStrike responded to in 2020, in which either malware was undetected or a portion of the attack sequence was missed by anti-virus tools.
  • Weaknesses in public-facing applications and services are increasingly dangerous. CrowdStrike observed significant increases in attackers targeting public-facing applications and services in 2020.
  • 2020 brings staggering increase in volume and velocity of financially motivated attacks. Of these financially motivated attacks, 81% involved the deployment of ransomware or a precursor to ransomware activities, while only 19% included e-crime attacks such as point-of-sale intrusions, e-commerce website attacks, business e-mail compromise and crypto-currency mining.
  • State-sponsored adversaries leave smaller footprints. In parallel to the rapid rise of e-crime, state-sponsored adversaries remained active across a wide range of sectors.
  • Outside counsel plays a bigger role in the incident response process. Outside counsel retained CrowdStrike to advise its clients in 49% of the incidents investigated in 2020.

“Remote work has redefined the playing field between cyber attackers and defenders, and that’s clearly demonstrated in the CrowdStrike Services Cyber Front Lines Report. Corporate networks now span both office and home, providing a wealth of new attack surfaces and vectors that adversaries can exploit,” said Shawn Henry, chief security officer and president of CrowdStrike Services at CrowdStrike. “Holistic co-ordination and continued vigilance are key in detecting and stopping sophisticated intrusions. Because of this, we’re seeing a necessary shift from one-off emergency engagements to continuous monitoring and response. This will better enable incident response teams to help customers drastically reduce the average time to detect, investigate and remediate from 162 hours to less than 60 minutes.”

The CrowdStrike Services Cyber Front Lines Report reflects data derived from CrowdStrike Services incident response, managed services and proactive services engagements over 2020. These engagements spanned 15 industry sectors and 34 countries, with organisations varying in size from large global organisations to regionally focused small/mid-sized businesses (SMBs).

To download a copy of the CrowdStrike Services Cyber Front Lines Report, visit this page.

To read more from CrowdStrike’s Shawn Henry on key findings within the report, visit this blog.


CrowdStrike

CrowdStrike, a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates 4 trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security.

With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.

There’s only one thing to remember about CrowdStrike: We stop breaches.

Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.

Learn more: https://www.crowdstrike.com/
