China, North Korea, Iran behind bulk of state-sponsored attacks

The countries have been identified as the most active state sponsors of malicious activity.

Cyber security company CrowdStrike has released an annual threat hunting report, which has identified a 60 per cent increase in attempted intrusions spanning all industry verticals and geographic regions.


The findings, collected by threat hunting team Falcon OverWatch, also suggest that cyber actors are manipulating networks more efficiently, with the average breakout time – the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network – reducing to just one hour 32 minutes, a threefold drop from 2020.

Cyber criminals are also exploring alternatives to malware, with 68 per cent of detections malware-free.

Alarmingly, China, North Korea and Iran were the most active state sponsors of cyber attacks, representing the majority of targeted intrusions.

Other findings include:

  • a surge in interactive intrusion activity targeting the telecommunications industry;
  • WIZARD SPIDER was the most prolific cyber criminal, responsible for nearly twice as many attempted intrusions as any other eCrime group; and
  • a 100 per cent increase in instances of cryptojacking in interactive intrusions year-over-year, correlating with increases in cryptocurrency prices.

“Over the past year, businesses faced an unprecedented onslaught of sophisticated attacks on a daily basis,” Param Singh, vice president of Falcon OverWatch, CrowdStrike, said.


“Falcon OverWatch has the unparalleled ability to see and stop the most complex threats — leaving adversaries with nowhere to hide.

“In order to thwart modern adversaries’ stealthy and unabashed tactics and techniques, it’s imperative that organisations incorporate both expert threat hunting and threat intelligence into their security stacks, layer machine-learning enabled endpoint detection and response (EDR) into their networks and have comprehensive visibility into endpoints to ultimately stop adversaries in their tracks.”

Charbel Kadib

News Editor – Defence and Security, Momentum Media

Prior to joining the defence and aerospace team in 2020, Charbel was news editor of The Adviser and Mortgage Business, where he covered developments in the banking and financial services sector for three years. Charbel has a keen interest in geopolitics and international relations, graduating from the University of Notre Dame with a double major in politics and journalism. Charbel has also completed internships with The Australian Department of Communications and the Arts and public relations agency Fifty Acres.
