Trickle-Down Cyberwarfare Is Harming Just About Every Industry

^{Designs have been resized. Courtesy of CrowdStrike.}

When a rash of international cyberattacks paralyzed healthcare and other industries last year, some organizations might have felt as if they were under siege as they failed to perform their most basic functions. And those hospitals, pharma giants, and community medical practices would have been correct to believe they were the victims of some sort of 21^st-century war. A new report from the firm CrowdStrike has found that cyberwarfare tactics trickled down from nations to other bad actors in 2017, furthering a trend that has hammered healthcare especially hard.

“The result of trickle-down in the field of cybersecurity has been a proliferation of highly sophisticated weaponry for cyberwarfare being pushed down into the mass market and commoditized,” wrote George Kutz, CrowdStrike’s co-founder and CEO. “The consequences to legitimate organizations have been alarmingly clear.”

One such consequence is the degree to which hackers have stung healthcare. It was second only to government in data breach reporting, a blemish that could be attributed to reporting requirements, according to CrowdStrike. Still, the company found that ransomware and extortion are “extremely common” in each sector, with local hospitals and physicians shouldering roughly half of these attacks in the medical space.

The document, “2018 Global Threat Report: Blurring the Lines Between Statecraft and Tradecraft,” was published this week. Scouring threat data from CrowdStrike’s experts and monitoring tools, including a cloud-based graph database that processes “nearly 100 billion events a day across 176 countries,” the report outlines cybercrime trends, adversary targeting, and related metrics. But the analysts spill much ink on the rise of cyberwarfare and its collateral—or intentional—damage.

“We’ve already seen cyber adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks,” Dmitri Alperovitch, the company’s co-founder and chief technology officer. “Looking ahead, security teams will be under even more pressure to detect, investigate, and remediate breaches faster.”

The 42-page threat report details a great deal of concerning activity, but CrowdStrike has distilled several major points for leaders in any industry. Here are a handful of those insights.

• “Extortion and weaponization of data” are now “mainstream,” meaning that many hackers are using these tactics against many victims, most notably healthcare and government.
• The foggy distinction between trade and state cyberattacks is strengthening threats “beyond the defense capabilities of conventional security measures.”
• Nearly 40% of last year’s monitored cyberattacks were “malwarefree intrusions,” which slipped past traditional antivirus programs, tormenting pharma more than most.
• Expect more state-sponsored cyberwarfare.
• In 2017, it took just less than 2 hours for cybercriminals to “jump off” a compromised system and onto other networked devices.

CrowdStrike, which sells solutions in the field, advised decision makers to brush back “government-grade” intrusions by leaning on new tech and best practices that don’t rely on signature-based prevention.