CrowdStrike Inc., a global cybersecurity leader, recently released the 2022 CrowdStrike Global Threat Report. According to the annual Global Threat Report, the threat landscape saw a number of significant shifts and trends.
From a significant increase in interactive intrusions to the proliferation of access brokers on the dark web, and the re-weaponization of vulnerabilities, the report paints a picture of a threat landscape that is becoming increasingly sophisticated and difficult to defend against and an area of grave worry.
Adam Meyers, Head of Intelligence at CrowdStrike delved into an insightful interaction with Minu Sirsalewala Executive Editor – Special Projects, Dataquest about the trends and what they mean for organizations going forward. Meyers has over 20 years of experience in the cybersecurity industry and is an expert in cyber threat intelligence and investigations.
Meyers speaks about the most significant findings in the report and offers some practical advice on improving response times, to more strategic considerations for developing a comprehensive cybersecurity strategy, he offers valuable insights for organizations looking to stay ahead of the curve and secure their digital assets.
How have the last 12 months been like, and what do you envision the next 12 months?
To start with, I think the biggest story or the biggest concern that people should have is the trend towards data exploitation. We have seen threat actors from the eCrime world, nation, and state threat actors and hacktivists, all weaponizing data against their victims, and that’s the most concerning area and we have pointed out in the report that 28% of ransomware actors are no longer even bothering to do ransomware. They are moving surely to data extortion, and this is significant, because they are able to expand their target set, and they are able to get more money from the victim. As with data extortion, they can actually make more money, because the fundamental model of ransomware is to cause downtime, and that downtime can be measured in financial dollars and cents. But it is not about downtime, it’s about the legal, regulatory and compliance impact of the data…