Report indicates adversaries seek to disrupt global elections and exploit generative AI technology
CrowdStrike’s 2024 Global Threat Report reveals a rise in cyber adversaries utilizing stolen identity credentials to exploit cloud vulnerabilities swiftly. The report predicts major threats in 2024, such as disrupting global elections and using generative AI to launch more advanced attacks.
“To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk”
Adam Meyers, head of Counter Adversary Operations, CrowdStrike
In the 10th annual edition of the cybersecurity leader’s seminal report, CrowdStrike highlights activity from some of the 230+ prolific threat groups that it tracks today. Key findings in the 2024 report include:
- Dramatic Increase in Attack Velocity: The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average breakout time is down to only 62 minutes from 84 in the previous year (with the fastest recorded attack coming in at 2 minutes and 7 seconds). Once initial access was obtained, it took only 31 seconds for an adversary to drop initial discovery tools in an attempt to compromise victims.
- Stealthy Attacks Spike as Adversaries Compromise Credentials: The report notes a sharp increase in interactive intrusions and hands-on-keyboard activity (60%) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.
- Adversaries Follow as Business Moves to the Cloud: Adversaries turned their sights to the cloud through valid credentials – creating a challenge for defenders looking to differentiate between normal and malicious user behavior. The report shows cloud intrusions increased by 75% overall with cloud-conscious cases amplifying by 110% Year-over-Year.
- The Exploitation of Generative AI on the Horizon: In 2023, CrowdStrike observed nation-state actors and hacktivists experimenting with and seeking to abuse generative AI to democratize attacks and lower the barrier of entry for more sophisticated operations. The report highlights how generative AI will likely be used for cyber activities in 2024 as the technology continues to gain popularity.
- Disrupting Democracy by Targeting Global Elections: With more than 40 democratic elections scheduled in 2024, nation-state and eCrime adversaries will have numerous opportunities to disrupt the electoral process or sway voter opinion. Nation-state actors from China, Russia and Iran are highly likely to conduct mis-or disinformation operations to sow disruption against the backdrop of geoconflicts and global elections.
Adam Meyers, head of Counter Adversary Operations, CrowdStrike, said, “To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.”
