Aug 21, 2024

CrowdStrike Threat Hunting Report Reveals Growing Stealth of Insider Threats

2

CrowdStrike’s 2024 Threat Hunting Report echoes many of the findings from DTEX i3’s 2024 Insider Risk Investigations Report. The fact is, the lines between internal and external threats are rapidly blurring. Nation state actors are increasingly exploiting trusted insiders and channels to access and exfiltrate sensitive data.

Key findings:

  • Nation state threat actors are becoming more aggressive in their attempts to infiltrate companies. Many are now gaining employment, posing as legitimate insiders, and engaging in hands-on-keyboard activities to ‘blend in’ and evade detection. Indeed, our Insider Risk Report found that as many as 77% of malicious insiders attempt to conceal their activity to evade detection.
  • Unsurprisingly, healthcare and technology – industries with seriously sensitive data and IP – are increasingly being targeted. Use of legitimate remote monitoring and management tools are being abused, valid user credentials are being exploited, and social engineering continues to run rife. Our i3 team knows this all too well and has published Threat Advisories on these very topics to arm companies with early detection and mitigation.

For specific call-out findings of CrowdStrike’s Report, read the full press release.

CrowdStrike’s report highlights the urgency of getting ahead of this very human and complex challenge. Blended attacks are the new norm in cybersecurity, and the human insider is the biggest vector. But, and most importantly, people – your insiders – are also the biggest opportunity for driving positive change. Only under a cross-cutting insider risk program, championed from the top down, can the tables truly be turned to enable proactive security and resilience.

Going forward, education and awareness among our most critical entities will be key in uplifting defenses against such stealthy attacks – regardless of where they originate. This starts with collaboration and best practice information sharing.

To that end, here are some key insider risk resources and communities to save, share, and bookmark:

If you are concerned about foreign interference or need support in developing your insider risk program, request a confidential Threat Briefing.

Subscribe today to stay informed and get regular updates from DTEX Systems