2016 CROWDSTRIKE, INC. ALL RIGHTS RESERVED.

CrowdStrike Global Threat Report Crowdcast

WE STOP BREACHES

Next Generation Endpoint

Intelligence Services

• Intelligence powers everything we do

• All Source methodology

• Adversary profiling and campaign tracking

• Human analysis coupled with platform automation

• Intelligence consumable by human decision makers and enterprise systems

CrowdStrike Intelligence

1 Targeted Intrusion

2 eCrime

3 Hacktivism

4 Looking Forward

2015 Global Threat Report Review

CHINA

In 2015, high-profile targeted intrusion activity was observed that revealed behavior not often associated with China-based adversaries

• Healthcare breaches resulted in the compromise of data from 50 to 80 million Americans

• China-based adversaries rapidly adopted exploits from the Hacking Team breach

• Aggressive pursuit of cyber sovereignty

• Significant amount of reconnaissance and phishing targeting rival claimants to islands in the South China Sea

RUSSIA

International conflict, balance of power, energy issues, and the economy were the common themes observed within active intrusion campaigns conducted by Russian actors in 2015

• Russian military adventures influenced much of the intrusions observed

• Through a variety of techniques, Russia-based actors established a broad intelligence-gathering capability targeting government and national defense in the EU and US

• BERSERK BEAR collection was heavily directed against the Middle East oil and gas sector

• Economic challenges posed by energy prices weighed heavily on the Russian economy

IRAN

Several notable geopolitical events occurred in Iran during 2015 that shaped cyber activity, and will continue to do so into 2016

• Iranian regime sought to shield the country’s netizens from western influences

• Arrests of Iranians for online activities were prolific

• Iran seeks to develop a National Information Network

• The Black Spider program reportedly monitors eight million accounts for content contrary to Islamic values

NORTH KOREA

2015 proved to be a tumultuous year on the Korean Peninsula, a year that started off under the cloud of the Sony Pictures Entertainment breach

• Numerous high ranking officials were executed in 2015

• Multiple malware samples leveraged for intelligence collection

• North Korean cyber activity in 2015 fits into three categories by virtue of the malware that was used

• Activity aligned with escalating tensions with South Korea

OTHER NATION STATES

Numerous other nation states have jumped on the targeted intrusion bandwagon leveraging cyber intrusion to support computer network exploitation and attack.

• The Indian government concerned about Islamic State and other jihadi groups

• A variant of AndroRAT, purportedly developed by VICEROY TIGER, includes functionality that suggests both Pakistani and Middle Eastern targeting

• Latin American region saw the unraveling of one nation-state intrusion campaign

Popularity and sophistication of banking trojans, ransomware, and exploit kits prevailed.

CrowdStrike observed a significant increase in extortive attacks carried out by organized criminal groups in 2015

The prevalence of social engineering schemes using inside knowledge of the target flourished in 2015

CHINA

Take a look at China’s 13th 5-Year Plan Infographic

Read the Full Threat Report

Global Threat Intelligence Report

Learn More:

Watch the Webcast

Threat Report CrowdCast

www.crowdstrike.com