2022 was a year of explosive, adaptive and damaging threats. Adversaries continue to be relentless in their attacks as they become faster and more sophisticated. CrowdStrike’s 2023 Global Threat Report uncovers notable themes, trends and events across the cyber threat landscape, including:
Explore the Adversary Universe to learn how the world’s most dangerous threat actors are targeting organizations like yours.
eCrime adversaries proved relentless in 2022 with faster and more complex operations. The average eCrime breakout time is now 84 minutes, and 71% of attacks CrowdStrike Intelligence detected were malware-free.
Access brokers are threat actors who acquire credentials and access to organizations then provide or sell this access to other actors, including ransomware operators. The number of their ads increased 112% compared to 2021. This spike, along with an increase in social engineering attacks, highlight why identity threat protection is critical to stopping breaches.
Cloud exploitation grew by 95% in 2022 as CrowdStrike Intelligence observed a nearly 3x increase in "cloud-conscious" threat actors. Adversary techniques continue to grow more sophisticated for initial access, lateral movement, privilege escalation, defense evasion and data collection.
Adversaries continue to exploit vulnerabilities with greater sophistication, seeking ways to bypass mitigations to target the same vulnerable components multiple times. The architectural weaknesses in legacy technology create systemic risk for organizations that rely on these older systems and are increasingly vulnerable to attacks.