Estimated reading time: 1 minute, 24 seconds

Identity-Based Attacks Dominate in 2023, CrowdStrike Warns

When the punk band X-Ray Spex sang, “Identity is the crisis,” they might as well have been talking about the cybersecurity environment so far this year. That’s one of the takeaways from CrowdStrike’s recently released 2023 Threat Hunting Report.

According to CrowdStrike, 62% of all so-called interactive intrusions—or intrusions that involve hands on a keyboard—during the 12 months ending in June 2023, have leveraged valid account credentials. The report also cites a “160% increase in attempts to gather secret keys and other credential materials via cloud instance metadata APIs.” Attacks using the technique known as “Kerberoasting”—where threat actors steal access tickets associated with the Kerberos authentication protocol and crack them offline using brute-force methods—surged 583% from the previous year, per CrowdStrike data.

crowdstrike“The biggest trend that we’ve seen is that everything is moving towards identity," Adam Meyers, head of intelligence at CrowdStrike, told CSO regarding the report.

Overall, 80% of breaches rely on compromised identities, a separate CrowdStrike report earlier this year found. As for why attackers are concentrating on identity now, defenders may be victims of their own success. Meyers told TechTarget that advances in endpoint detection and response capabilities have made breaches tougher for threat actors—that is, unless they use identity.

Elsewhere in the report, CrowdStrike found that adversary breakout time reached an all-time low of 79 minutes. Last year, the average time it took an adversary to move laterally from initial compromise to other hosts in the victim environment was 84 minutes, the previous low.

“When we talk about stopping breaches, we cannot ignore the undeniable fact that adversaries are getting faster and they are employing tactics intentionally designed to evade traditional detection methods,” Meyers said in a statement.

Read 990 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.