Cybercriminals seem to favour new spins on the old school hacking methods over using malware, according to new report from CrowdStrike, the cybersecurity firm that recently partnered with eSentire.
The research showed that malware-free attacks were more popular than malware-based attacks in 2019, with the ratio being 51% to 49% respectively.
That is a significant drop from 2018 when malware was used in 60% of attacks.
The researchers noted that cybercriminals blending in as legitimate users as they plan and launch their attacks make them more difficult to detect.
“This year’s report indicates a massive increase in eCrime behaviour [that] can easily disrupt business operations, with criminals employing tactics to leave organisations inoperable for large periods of time,” said Jennifer Ayers, vice president of OverWatch at CrowdStrike. “It’s imperative that modern organisations employ a sophisticated security strategy that includes better detection and response and 24/7/365 managed threat hunting to pinpoint incidents and mitigate risks.”
The report also noted an increase in ransomware attacks over the year and nation-state actors more frequently launching assaults against the telecommunications industry.
“2019 brought an onslaught of new techniques from nation-state actors and an increasingly complex eCrime underground filled with brazen tactics and massive increases in targeted ransomware demands,” said Adam Meyers, vice president of Intelligence at CrowdStrike. “As such, modern security teams must employ technologies to detect, investigate and remediate incidents faster with swift preemptive countermeasures, such as threat intelligence, and follow the one-ten-60 rule.”
The one-ten-60 rule means it should only take one minute before a breach is noticed, ten minutes of investigation and to have successfully kicked out the intruder from the system within 60 minutes.
Copyright © 2018 RegTech Analyst