Attacks directed at the cloud increase by 95% in 2022 and 33 new criminal groups are registered

MADRID, March 6 (Portaltic/EP) –

The cybercriminal attacks directed to the cloud they have grown 95 percent during the year 2022a period in which a total of 33 new criminal groups and it has been verified that the average time that a malicious actor to gain access to a system It has been reduced in 14 minutes.

This has been pointed out by cybersecurity company CrowdStrikebased on the data collected in its Global Threat Report 2023, in which it has analyzed the behaviors, trends and tactics of the “world’s largest” cybercriminal groups, both private criminals and those led by governments.

Specifically, the security company has analyzed three trillion cybersecurity events every day in 2022, and has carried out “exhaustive” monitoring of more than 200 adversaries. In fact, among these 200 cybercriminalsHave been found 33 new groups criminals this year.

As CrowdStrike underlines, this increase in criminal groups translates into the highest growth on record among the nine editions of the Report produced by the company. They stand out among them ‘Scattered Spider’ and ‘Slippy Spider’since they are behind the most recent attacks on technology and telecommunications companies according to the records.

Following this line, the security company has also highlighted the registered increase in Cloud Targeted Attacks, that have grown 95 percent. This is mainly due to the fact that the number of actors who apply their attacks to cloud environments has also tripled in 2022.

Another of the main conclusions of the report is that during the past year the time it takes a cybercriminal to gain access to a system has been reduced again. The 2021 average was 98 minutes, and in 2022 this time has been reduced by 14 minutes, leaving the average in 84 minutes.

On the other hand, the report states that cybercriminals are moving beyond the use of ‘malware’ and, therefore, finding new ways to evade antivirus protection and automated defenses. According to CrowdStrike, the 71 percent of detected attacks did not include ‘malware’compared to 62 percent in 2021.

That is, the use of ‘malware’ has been reduced by almost 10 percent in 2022. Meanwhile, interactive intrusions, those coming from a human on the other side of the keyboard, grew by 50 percent.

One of the things the report highlights is that cybercriminals are also exploiting vulnerabilities that they were already believed resolved. This is the case of vulnerabilities known as ‘Log4Shell’, ‘ProxyNotShell’ and ‘Follina’. In fact, the last two are part of the 900 vulnerabilities that Microsoft included in its patches during 2022.

Regarding extortion campaigns with theft of informationthe data in the report reflect that during the past year they have grown 20 percent. In addition, there has also been more interest in the use of social engineering tactics.

In these cases, it is necessary to human interaction with attacks such as ‘vishing’, which is based on a fraudulent practice of the conventional telephone line to obtain sensitive information, for example, bank details. Techniques such as changing SIM cards either Avoid using multi-factor authentication.

Refering to dark web, The number of access to ads on this network has risen a 112 percent. Based on this, as CrowdStrike explains, the demand for access and identity credentials that are offered in this part of the web has been valued.

ESPIONAGE RELATED TO CHINA, RUSSIA AND SYRIA

The CrowdStrike report has also identified that the espionage related to China grew over the past year by up to 39 industries spread over 20 regions Worldwide.

Although according to the data the impact of the war in Ukraine for espionage has been “less than expected”, the security company the group ‘Gossamer Bear’ stands out from Russia.

These cybercriminals have carried out major dedicated ‘phishing’ campaignsabove all to get research laboratory credentialsof military supplierslogistics companies and NGO.

In addition, in analyzes of daily security events, CrowdStrike has also been found to first group from Syria, Deadeye Hawk.

Related articles

ANSES pays the Unemployment Benefit: who receives today, Friday, May 24, 2024

The National Social Security Administration (ANSES) begins the payments corresponding to the Month of May for unemployment insurance holders. Today, Friday the 24th,...

The US asked for the Bases law and the lifting of the exchange rate

While the debate continues over Base Law In the Senate, the Charge d'Affaires of the United States Embassy in Buenos Aires, Abigail Dressel, highlighted...

Not only did it go to Benedetto, Diego Martínez would also have deleted another...

The atmosphere has become a little tense Boca Juniors after the statements expressed by Dario Benedettowho last Friday would have responded to Diego Martinez...