Login
iscover
Over two-thirds of companies supported by global cyber security firm CrowdStrike experienced repeated cyber attacks following the COVID-induced transition to the remote working environment.
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
According to the latest CrowdStrike Services Cyber Front Lines Report — which involved an analysis of CrowdStrike’s global incident response (IR) and proactive services data in 2020 across 15 industry sectors, residing in 34 countries — cyber intrusions spiked in 2020 due to the COVID-induced increase in remote work.
The research found that cyber intrusions are “no longer a one-time event”, with 68 per cent of firms experiencing a second wave of cyber attacks after acquiring CrowdStrike’s services.
The firm found that for 30 per cent of incident response engagements, organisations’ antivirus solutions were either “incorrectly configured with weak prevention settings” or “not fully deployed across the environment”.
Moreover, antivirus solutions failed to provide protection in 40 per cent of the incidents, in which either malware was undetected or a portion of the attack sequence was missed by antivirus tools.
Other findings identified by CrowdStrike include:
- a significant increase in attackers targeting public-facing applications and services;
- a sharp increase in financially-motivated attacks, 81 per cent of which involved the deployment of ransomware or a precursor to ransomware activities, while only 19 per cent included e-crime attacks such as point-of-sale intrusions, e-commerce website attacks, business email compromise and cryptocurrency mining;
- continued intrusions from state-sponsored actors; and
- outside counsel retained CrowdStrike to advise its clients in 49 per cent of the incidents investigated in 2020.
“Remote work has redefined the playing field between cyber attackers and defenders, and that’s clearly demonstrated in the CrowdStrike Services Cyber Front Lines Report,” Shawn Henry, chief security officer and president of CrowdStrike Services, said.
“Corporate networks now span both office and home, providing a wealth of new attack surfaces and vectors that adversaries can exploit.
“Holistic co-ordination and continued vigilance are key in detecting and stopping sophisticated intrusions. Because of this, we’re seeing a necessary shift from one-off emergency engagements to continuous monitoring and response.”
Henry concluded: “This will better enable incident response teams to help customers drastically reduce the average time to detect, investigate and remediate from 162 hours to less than 60 minutes.”
[Related: COVID triggers 75% spike in cyber attacks]
Charbel Kadib
News Editor – Defence and Security, Momentum Media
Prior to joining the defence and aerospace team in 2020, Charbel was news editor of The Adviser and Mortgage Business, where he covered developments in the banking and financial services sector for three years. Charbel has a keen interest in geopolitics and international relations, graduating from the University of Notre Dame with a double major in politics and journalism. Charbel has also completed internships with The Australian Department of Communications and the Arts and public relations agency Fifty Acres.
