Breaking news and updates daily. Subscribe to our Newsletter!

Breaking news and updates daily. Subscribe to our newsletter

​​ CrowdStrike reports surge in state-sponsored cyber attacks

By Charbel Kadib
09 September 2021 | 1 minute read

A new analysis of malicious activity across all sectors has identified a significant increase in state-sponsored attacks, particularly from China, North Korea, and Iran. 

Cyber security company CrowdStrike has released an annual threat hunting report, which has identified a 60 per cent increase in attempted intrusions spanning all industry verticals and geographic regions.

The findings, collected by threat hunting team Falcon OverWatch, also suggest that cyber actors are manipulating networks more efficiently, with the average breakout time  the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network – reducing to just one hour 32 minutes, a threefold drop from 2020.


Cyber criminals are also exploring alternatives to malware, with 68 per cent of detections malware-free.

Alarmingly, China, North Korea and Iran were the most active state sponsors of cyber attacks, representing the majority of targeted intrusions.

Other findings include:

  • a surge in interactive intrusion activity targeting the telecommunications industry;
  • WIZARD SPIDER was the most prolific cyber criminal, responsible for nearly double the number of attempted intrusions than any other eCrime group; and
  • a 100 per cent increase in instances of cryptojacking in interactive intrusions year-over-year, correlating with increases in cryptocurrency prices.

“Over the past year, businesses faced an unprecedented onslaught of sophisticated attacks on a daily basis,” Param Singh, vice president of Falcon OverWatch, CrowdStrike, said.

“Falcon OverWatch has the unparalleled ability to see and stop the most complex threats — leaving adversaries with nowhere to hide.

“In order to thwart modern adversaries’ stealthy and unabashed tactics and techniques, it’s imperative that organisations incorporate both expert threat hunting and threat intelligence into their security stacks, layer machine-learning enabled endpoint detection and response (EDR) into their networks and have comprehensive visibility into endpoints to ultimately stop adversaries in their tracks.”

Charbel Kadib

Charbel Kadib

News Editor – Defence and Security, Momentum Media

Prior to joining the defence and aerospace team in 2020, Charbel was news editor of The Adviser and Mortgage Business, where he covered developments in the banking and financial services sector for three years. Charbel has a keen interest in geopolitics and international relations, graduating from the University of Notre Dame with a double major in politics and journalism. Charbel has also completed internships with The Australian Department of Communications and the Arts and public relations agency Fifty Acres

​​ CrowdStrike reports surge in state-sponsored cyber attacks
lawyersweekly logo
cyber security subscribe
Be the first to hear the latest developments in the cyber security industry.
Regular Podcast Updates