CrowdStrike Threat Hunting Report 2024

Major cybersecurity vendors like CrowdStrike release comprehensive annual threat hunting reports that detail attack trends, adversary techniques, and sector-specific insights. Key statistics include a 55% increase in interactive intrusions and a 75% rise in cloud environment attacks, emphasizing the evolving tactics of threat actors such as FAMOUS CHOLLIMA and SCATTERED SPIDER.

Keypoints

  • Cybersecurity annual reports by major vendors typically consist of sections such as an introduction, threat landscape overview, sector targeting analysis, technical observations, adversary profiling, case studies, and conclusions, providing a holistic view of recent threats.
  • These reports frequently include key statistics like percentage increases in specific attack types (e.g., 55% rise in interactive intrusions, 75% increase in cloud attacks), reflecting shifting threat behaviors.
  • Notable trends include a surge in cross-domain tactics, increased use of identity-based attacks, and heightened targeting of technology and healthcare sectors, highlighting evolving adversary priorities.
  • Attack techniques such as lateral movement, privilege escalation, and exploitation of cloud management tools are commonly analyzed through frameworks like MITRE ATT&CK, revealing prevalent tactics like discovery, masquerading, and tool disruption.
  • Recurring themes include adversaries’ move towards hybrid, platform-agnostic, and stealthy operations, employing advanced tools like RMM software and living-off-the-land techniques, which challenge traditional detection methods.
  • Significant findings underscore the importance of proactive threat hunting, real-time detection, and intelligence-driven strategies to counter highly adaptable threat actors such as DPRK-nexus, China-nexus, and eCrime groups.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)
