Shocking cyber espionage discoveries: nation-state threats
How state-of-state cyberwarfare is changing the game in the tech industry: Details and analysis of recent attacks
State-sponsored hackers from North Korea and China have targeted tech and healthcare companies in 2024, according to CrowdStrike. They use advanced techniques, including social engineering, to infiltrate and manipulate systems. The Falcon platform uses AI to protect against these sophisticated threats.
According to CrowdStrike’s first Threat Hunting Report 2024, state-sponsored hackers such as North Korea have recently compromised the security of at least 100 technology companies. This cyber threat analysis has also revealed sophisticated attacks against the healthcare sector. A notable example is the cybercriminal group Famous Chollima, known for bypassing the cyber defenses of large US companies by assuming false identities. These hackers, using fake or stolen documents, managed to infiltrate the IT department as remote employees, accessing sensitive data and conducting malicious activities.
Minute-by-minute action: Horde Panda and Scattered Spider activities
Between June and August 2023, CrowdStrike recorded significant activity from the China-based Horde Panda group, which attacked a telecommunications provider in Southeast Asia. Using compromised identities and VPNs, they made it difficult to track their operations. In parallel, during the same period, the Scattered Spider group emerged, using social engineering techniques to penetrate their victims’ systems. These attacks posed a significant challenge to the defense systems of the affected organizations, testing their response and containment capabilities.
The evolution of Hands-on-Keyboard attacks
CrowdStrike has seen a significant increase in hands-on-keyboard attacks, where hackers manually access target systems and directly manipulate them. This technique bypasses many automated security controls, making it particularly effective in the technology and healthcare sectors. These industries are rich in sensitive and valuable data, making them attractive targets for attackers. The ability to directly manipulate compromised systems has created new challenges for cybersecurity, requiring increasingly sophisticated and responsive defense tools.
Cyber threat trends in 2024
Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, emphasized the importance of constantly monitoring the activities of the most active hacker groups, including cybercriminals and nation-state adversaries. Over the past year, the CrowdStrike team has identified nearly 250 different actors, highlighting the growing sophistication of cyber threats. By optimizing algorithms enhanced with native AI, CrowdStrike’s Falcon platform aims to stay ahead of these evolving threats, providing robust and adaptive protection for organizations.
Follow us on Google News for more pills like this09/15/2024 16:59
Marco Verro