There has been a massive uptick in eCrime cyber activity, a CrowdStrike report reveals.
As Gartner states in the 2019 Magic Quadrant for Endpoint Protection Platform, “The skills requirement of EDR solutions compounded by the skills gap in most organizations is an impediment to the adoption of EDR in the mainstream market.
“As a result, product vendors are increasingly offering a fusion of products and services ranging from light incident response and monitoring through full managed detection and response and consultative incident response services.”
Most notable report findings
A massive uptick in targeted intrusions from eCrime adversaries. OverWatch has seen a large increase in intrusion activity from eCrime actors in the first half of 2019, accounting for the majority of detected intrusions. This is in stark contrast to last year, but does not indicate a reduction in state-sponsored activity overall.
Rather, it reflects a continued shift in eCrime adversary behavior toward nation-state-style intrusions, rather than targeted spray-and-pray attacks, in pursuit of more and larger payouts.
Retail replaces hospitality as one of the top ten targets within the first half of 2019. Once a quiet player, this industry has become one of the most lucrative targets as a result of a clear focus on it. eCrime campaigns overall, and ransomware in particular, are on the rise, and the retail vertical has received a significant share of new attention from eCrime actors.
Other industries such as technology, telecommunications, financial and non-governmental organizations (NGOs) remain some of the most highly targeted verticals in both 2018 and 2019.
China remains one of the most active adversaries. As in prior years, Chinese nation-state adversaries were the most active of all the nation-state actors observed so far this year.
CrowdStrike has observed China targeting the most industries across the board, including chemical, gaming, healthcare, hospitality, manufacturing, technology and telecom.