Annual cybersecurity reports by major vendors like CrowdStrike provide comprehensive insights into the evolving cyber threat landscape, including key threat actors, attack techniques, and emerging vulnerabilities. The 2023 report highlights trends such as increased use of identity-based attacks, rising cloud exploitation, and nation-state activities, especially around Russia and China, influencing global security strategies. #CrowdStrike #EmberBear #ScatteredSpider
Key points
- Most cybersecurity vendor reports are structured into sections like Foreword, Introduction, Threat Landscape Overview, Key Themes, Statistical Data, Trends, and Recommendations, providing a detailed understanding of recent attack patterns and strategic insights.
- Key statistics include a 112% year-over-year increase in access broker advertisements and a 71% rise in malware-free detections in 2022, signaling a shift towards fileless and credential-based intrusions.
- Recurring themes are the rise of cloud exploitation (95% increase), sophisticated nation-state operations supporting conflicts like the Ukraine war, and the proliferation of high-profile eCrime activities targeting major technology firms.
- The reports identify notable threat actors such as Russian-backed groups (Fancy Bear, Voodoo Bear), Chinese espionage units, and emerging adversaries like Scattered Spider, each employing advanced tactics including social engineering, vulnerability rediscovery, and exploit circumvention.
- Attack techniques are evolving towards exploiting cloud environments, bypassing patches, and abusing legitimate credentials, with adversaries frequently leveraging existing vulnerabilities like Log4Shell and CVE-2022-29464 to continue attacks.
- Major findings emphasize the importance of rapid detection (within minutes) and timely response, as adversaries reduce breakout times (from 98 to 84 minutes), making swift action critical to minimizing damage.
- Overall, the threat landscape is increasingly complex, with nation-states and cybercriminals diversifying tactics and targets, urging organizations to continuously update their security practices and threat intelligence to stay protected.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)