A modern spin on the old-school hacker-behind-the-keyboard attack exceeded malware-borne ones worldwide last year, new incident report data from CrowdStrike shows.
Seasoned cybercriminals and nation-state attackers for some time now have been upping their game with new methods to mask their activities from security tools by blending in and posing as real users in the targeted organization's network - using stolen credentials and running legitimate tools to dig through victim systems and data, for instance. And for the first time in CrowdStrike's research and incident response engagement reporting, so-called "malware-free" attacks edged ahead of malware-based ones, at 51% to 49% in 2019. In 2018 and 2017, malware accounted for around 60% of all attacks globally, and malware-free attacks around 40%, according to CrowdStrike's data.
A malware-free attack in CrowdStrike's parlance is one where the method to gain entry into a victim organization doesn't employ a malicious file or file fragment to a computer disk. In addition to stolen credentials or legitimate tools, this type of attack also can execute code from memory and can only be detected with higher-level tools and techniques that spot unusual behavior, or via threat hunting.
Like the bad old days of hacking, much of the attack is driven by "hands-on keyboard" methods like command line interface, PowerShell, and hiding files and directories, according to CrowdStrike. "These techniques feature prominently in many sophisticated attacks, where a human adversary is engaged in the intrusion and is actively working toward an objective," according to the report.
Security experts worry that if attackers double down on malware-free attacks, security tools - and ultimately, t ..
Support the originator by clicking the read the rest link below.
