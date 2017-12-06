Services Casebook provides insights into adversaries, notable attack methodologies and offers best practices for organizations

CrowdStrike Inc., the leader in cloud-delivered endpoint protection, today announced the release of the annual CrowdStrike Cyber Intrusion Services Casebook, which provides valuable insights into the ever-evolving attack tactics, techniques and procedures (TTPs) and the state of breach readiness across industries.

The Cyber Intrusion Services Casebook reveals incident response (IR) strategies, lessons learned, and trends derived from more than 100 real-life cyber intrusion cases that CrowdStrike Services worked on during the past year. The data is derived from engagements with more than 12 leading commercial and public sector industries, including finance, insurance, healthcare, retail, information technology, and more.

The Casebook includes a detailed look at four distinct cases that illustrate broader security trends and notable shifts in adversary tactics, along with key recommendations for improving defenses.

Some key findings include:

The lines between nation-state sponsored attack groups and eCrime threat actors continue to blur. Both threat groups increasingly leverage similar tactics such as fileless malware and "living off the land" techniques involving processes native to the Windows operating system, including PowerShell and WMI (Windows Management Instrumentation).

"To minimize the impact of a cyber-related incident, organizations need to be aware of emerging attack trends and adversary techniques, and in turn, implement IR best practices and proactive mitigation strategies. With cybersecurity becoming a core business issue, CEOs and business leaders need to improve their ability to anticipate threats, mitigate risks, and prevent damage in the wake of a security-related event," said Shawn Henry, chief security officer and president of CrowdStrike Services. "Based on the CrowdStrike Services team's extensive experience, this Casebook informs not only security professionals, but also executives, boards of directors and shareholders on how to prepare for and respond to intrusions in a more effective manner."

In order to better protect against the sophisticated nature of threat actors, organizations must improve their resiliency in the face of ever-changing attack techniques. Relying on traditional security measures, tools and approaches is no longer effective in the face of modern cyber threats. As attacks continue to become more sophisticated and prolific, organizations must evolve their security strategies to proactively prevent, detect and respond to all attack types, including fileless malware and malware-free attacks.

The CrowdStrike Cyber Intrusion Services Casebook can be downloaded here.

