Russian state actors fastest at infiltrating networks
Russian state-sponsored attackers are the quickest at infiltrating a network among top cyber adversaries, according to a new report from endpoint protection company CrowdStrike.
CrowdStrike’s 2019 Global Threat Report compares the threat actors of Russia, China, North Korea and Iran in terms of breakout time — defined as the time between when an intruder compromises the first machine on a target’s network and when the intruder is capable of moving laterally to other systems on the network.
Russian nation-state actors achieved an average breakout time of just 18 minutes and 49 seconds, with North Korean nation-state actors the second fastest at 2 hours and 20 minutes.
Chinese state-sponsored attackers averaged just over 4 hours, while Iranian nation-state actors averaged 5 hours and 9 minutes.
CrowdStrike said it had identified several targeted intrusion campaigns by China, Iran and Russia focused on the telecommunications sector during the year.
Chinese state-sponsored attackers in particular appear to be ramping up their operational pace, the report states, and this trend is only likely to continue to accelerate amid the US–China trade war.
All the nation-state actors tracked in the report managed a significantly faster average breakout time than the 9 hours and 42 minutes achieved by independent global cybercrime actors. But the report notes that some cybercriminals can infiltrate networks in times rivalling even the fastest nation states.
“The threat landscape is evolving at an unprecedented rate, and with every breach, a company’s survival may be put on the line. Organisations can’t afford a passive approach to securing their assets,” CrowdStrike VP of Intelligence Adam Meyers said.
“As we continue to see highly sophisticated nation-state and e-crime actors elevate the level and complexity of daily threats, this report should serve as a resource for business leaders and security professionals to better understand the threat environment and make informed decisions that protect business-critical data.”
Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.
DigiCert acquires Valimail to boost email security
DigiCert has acquired DMARC provider Valimail in a bid to enhance its email authentication...
Akamai adds secure browser to ZTNA portfolio
Akamai has partnered with Seraphic to incorporate secure enterprise browser capabilities into its...
Rubrik announces CrowdStrike Falcon integration
Rubrik has announced the integration of its Rubrik Identity Resilience solution with the...