
Key takeaways from the 2024 Threat Hunting Report


“As a Cyber Security Specialist at OpenSight, I deal with the complex world of cybersecurity daily, where we are engaged in a race with criminals and state actors. As a Cyber Security Specialist, you know that you’ve chosen a profession where continuous learning and development are a must, as your adversaries are also constantly evolving. We often review reports from key players in this field. Recently, I reviewed the CrowdStrike 2024 Threat Hunting Report, and I’d like to share some of my findings and advice with you. This report not only provides insights into the latest trends in cyber threats but also emphasizes the need for a proactive approach to effectively combat these threats. Let’s dive deeper into what this means for you and your organization.”

The cunning of modern attackers

“What stood out to me most while reading this report is the constant evolution of attackers. Cybercriminals’ tactics are becoming increasingly sophisticated and dynamic. Where they once relied on simple, automated attacks, we now see a significant rise in so-called ‘interactive intrusions’. These are attacks where the attacker is actively sitting behind the keyboard in real-time, ready to bypass security measures as they appear.”

“This has significant implications for how we protect our networks. The speed and cunning with which these attackers operate make it essential not only to rely on automated security measures but also to have well-trained personnel capable of detecting and countering these advanced attacks. CrowdStrike’s report highlights the importance of speed in detection and response, which perfectly aligns with my own experiences.”

Cross-Domain Threats: An Increase in Complexity

“Another key insight from the report is the growing threat of cross-domain attacks. These are attacks where various parts of the IT infrastructure are targeted simultaneously, such as identity systems, endpoints, and cloud environments. What makes these attacks particularly dangerous is that they are often difficult to detect because the activities are spread across multiple domains, making them appear less suspicious when considered individually.”

“The challenge here is to see these activities in context and understand how they are related. This requires not only advanced technology, such as CrowdStrike’s AI-driven solutions, but also an in-depth knowledge of the various IT domains and how attackers can exploit them.”

Insider threats: the invisible danger

“The report also sheds light on one of the most insidious threats we face: insider threats. These are threats originating from within the organization, often from employees who, whether intentionally or unintentionally, engage in harmful activities. What I found particularly concerning is the example of FAMOUS CHOLLIMA, a group of attackers who managed to enroll as employees at over 100 companies in the US, gaining access to sensitive information from within.”

“These insiders used their access to install Remote Monitoring and Management (RMM) tools, allowing them to operate remotely and conduct their malicious activities without immediate detection. This highlights the need for stringent access control and continuous monitoring of user activity, even within the organization.”
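The monitoring the paragraph above calls for can be expressed as a small detection rule over endpoint process-creation telemetry. The following is an added example and not code from the original post or from CrowdStrike; the list of RMM executables, the approved service account, the sanctioned install directories and the sample events are all assumptions constructed for illustration. It flags two things a practitioner cares about: an RMM tool started by an account that is not approved to run one, and an RMM tool running from a location where a centrally deployed agent would never live (a user profile, a temp directory, a public share), even when the account itself is approved.

```python
"""Flag Remote Monitoring and Management (RMM) tools launched by accounts that are
not approved to use them, or from locations where a sanctioned install would not live.
Added example over constructed process-creation events; the tool list, approved
accounts and install locations are assumptions, not content from the report."""
import ntpath

# Assumption: executable names of common RMM / remote-access tools worth watching.
RMM_BINARIES = {
    "anydesk.exe",
    "teamviewer.exe",
    "screenconnect.clientservice.exe",
    "rustdesk.exe",
}

# Assumption: the only account that is allowed to run RMM software here.
APPROVED_USERS = {"corp\\it-rmm-svc"}

# Assumption: where a sanctioned, centrally deployed RMM agent is installed.
SANCTIONED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")

# Constructed sample events (not real telemetry): one normal agent launch by the
# service account, one portable AnyDesk in a user's temp folder, one benign process,
# and one approved account running a copy from a public share.
SAMPLE_EVENTS = [
    {"time": "2024-06-03T08:15:00", "host": "WS-01", "user": "CORP\\it-rmm-svc",
     "image": r"C:\Program Files\TeamViewer\TeamViewer.exe"},
    {"time": "2024-06-03T09:02:00", "host": "WS-14", "user": "CORP\\jdoe",
     "image": r"C:\Users\jdoe\AppData\Local\Temp\AnyDesk.exe"},
    {"time": "2024-06-03T09:05:00", "host": "WS-14", "user": "CORP\\jdoe",
     "image": r"C:\Windows\System32\notepad.exe"},
    {"time": "2024-06-03T11:40:00", "host": "SRV-03", "user": "CORP\\it-rmm-svc",
     "image": r"C:\Users\Public\rustdesk.exe"},
]


def is_rmm(image: str) -> bool:
    """True when the executable name (case-insensitive) is a known RMM binary."""
    return ntpath.basename(image).lower() in RMM_BINARIES


def detect_rmm(events):
    """Return one finding per RMM launch that breaks the user or location policy."""
    findings = []
    for ev in events:
        if not is_rmm(ev["image"]):
            continue
        reasons = []
        if ev["user"].lower() not in APPROVED_USERS:
            reasons.append("unapproved_user")
        if not ev["image"].lower().startswith(SANCTIONED_DIRS):
            reasons.append("unsanctioned_path")
        if reasons:
            # An unapproved user is the stronger signal; a stray copy run by the
            # approved account still deserves a look (a stolen service credential).
            severity = "high" if "unapproved_user" in reasons else "medium"
            findings.append({**ev, "severity": severity, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in detect_rmm(SAMPLE_EVENTS):
        print(finding["severity"], finding["host"], finding["user"],
              finding["image"], ",".join(finding["reasons"]))
```

Matching on the executable name alone is deliberately simple; in a real deployment you would also key on signer, file hash and parent process, because an attacker can rename the binary. The path check is the part that catches the FAMOUS CHOLLIMA pattern described above: a legitimate-looking account installing a portable RMM client somewhere the IT department never would.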

The solutions: proactive threat hunting and AI

“In my opinion, the key to securing organizations against these complex threats is a combination of proactive threat hunting and the use of AI. As the report indicates, the time an attacker needs to move laterally within a network (the so-called ‘breakout time’) is often just a few minutes. This means there is no time to waste in detecting and responding to an attack.”
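The two ideas above, seeing cross-domain activity in context (the earlier section on identity, endpoint and cloud events that look harmless on their own) and measuring breakout time, can be demonstrated with one correlation routine. The following is an added example written for this post, not code from the original page or from CrowdStrike’s platform. The normalised event schema, the suspicion weights, the alert threshold, the correlation window and the sample telemetry are all assumptions. Each event is scored too low to alert by itself; only the combination per principal across at least two domains crosses the threshold, and the time from first activity on one host to first activity on a second host is reported as the breakout time.

```python
"""Correlate individually low-signal events from identity, endpoint and cloud
telemetry per principal inside a time window, and measure breakout time
(first activity on one host to first activity on a second host).
Added example: the schema, weights, threshold and sample data are assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=2)   # assumption: correlate from a principal's first event
ALERT_THRESHOLD = 5           # assumption: combined score that raises an alert
MIN_DOMAINS = 2               # an alert must span at least two telemetry domains

# Assumed per-label weights. Each alone stays below ALERT_THRESHOLD on purpose.
WEIGHTS = {"signin_new_geo": 2, "recon_process": 1, "new_host": 2, "enumeration": 2}

# Assumption: binaries typically seen during hands-on-keyboard reconnaissance.
RECON_BINARIES = {"whoami.exe", "net.exe", "nltest.exe", "ipconfig.exe"}

# Constructed sample telemetry already normalised to one schema (not real logs).
SAMPLE_EVENTS = [
    {"t": "2024-06-03T10:00:00", "domain": "identity", "principal": "alice",
     "host": None, "action": "signin", "tag": "new_geo"},
    {"t": "2024-06-03T10:04:00", "domain": "endpoint", "principal": "alice",
     "host": "WS-01", "action": "process", "image": "whoami.exe"},
    {"t": "2024-06-03T10:09:00", "domain": "endpoint", "principal": "alice",
     "host": "WS-01", "action": "process", "image": "net.exe"},
    {"t": "2024-06-03T10:21:00", "domain": "endpoint", "principal": "alice",
     "host": "FS-02", "action": "process", "image": "cmd.exe"},
    {"t": "2024-06-03T10:30:00", "domain": "cloud", "principal": "alice",
     "host": None, "action": "ListBuckets", "tag": "enumeration"},
    {"t": "2024-06-03T11:45:00", "domain": "identity", "principal": "bob",
     "host": None, "action": "signin", "tag": "known_geo"},
    {"t": "2024-06-03T11:50:00", "domain": "endpoint", "principal": "bob",
     "host": "WS-07", "action": "process", "image": "outlook.exe"},
]


def labels_for(ev, hosts_seen):
    """Map one event to zero or more weighted labels; benign events yield none."""
    out = []
    if ev["domain"] == "identity" and ev.get("tag") == "new_geo":
        out.append("signin_new_geo")
    elif ev["domain"] == "cloud" and ev.get("tag") == "enumeration":
        out.append("enumeration")
    elif ev["domain"] == "endpoint":
        if ev["image"].lower() in RECON_BINARIES:
            out.append("recon_process")
        if hosts_seen and ev["host"] not in hosts_seen:
            out.append("new_host")   # activity on a second host: lateral movement
    return out


def correlate(events):
    """Return one alert per principal whose combined cross-domain score is high."""
    by_principal = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["t"]):   # ISO timestamps sort as text
        by_principal[ev["principal"]].append(ev)

    alerts = []
    for principal, evs in by_principal.items():
        start = datetime.fromisoformat(evs[0]["t"])
        score, domains, timeline = 0, set(), []
        hosts_seen, first_host_time, breakout = [], None, None
        for ev in evs:
            t = datetime.fromisoformat(ev["t"])
            if t - start > WINDOW:
                break
            for label in labels_for(ev, hosts_seen):
                score += WEIGHTS[label]
                domains.add(ev["domain"])
                timeline.append((ev["t"], ev["domain"], label))
            if ev["domain"] == "endpoint" and ev["host"] not in hosts_seen:
                if not hosts_seen:
                    first_host_time = t
                elif breakout is None:
                    breakout = (t - first_host_time).total_seconds() / 60
                hosts_seen.append(ev["host"])
        if score >= ALERT_THRESHOLD and len(domains) >= MIN_DOMAINS:
            alerts.append({"principal": principal, "score": score,
                           "domains": sorted(domains),
                           "breakout_minutes": breakout, "timeline": timeline})
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert["principal"], alert["score"], alert["domains"],
              "breakout:", alert["breakout_minutes"], "min")
        for step in alert["timeline"]:
            print("   ", *step)
```

On the sample data, alice’s new-geo sign-in, two reconnaissance processes, a hop to a second host and a cloud bucket listing each score 1 or 2, but together reach 8 across three domains, with a breakout time of 17 minutes; bob’s ordinary sign-in and mail client produce nothing. The window is anchored on the principal’s first event for simplicity; a production pipeline would use a sliding window and would also join on device and session identifiers, since the same person is rarely named identically in identity, endpoint and cloud logs.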

“AI can play a crucial role here by analyzing vast amounts of data in real-time and identifying patterns indicative of a threat. CrowdStrike’s Falcon platform is an excellent example of how AI can be used not only to detect attacks but also to automatically respond and prevent further damage. This kind of technology is indispensable in the fight against modern cyber threats.”

My advice for businesses

Based on the findings in the report and my own field experiences, here are some recommendations I would like to offer to businesses looking to enhance their security:

  1. Keep learning and adapting: The world of cybersecurity is constantly changing. Stay informed about the latest trends and techniques, and ensure that your security strategy aligns with them.
  2. Invest in proactive threat hunting: Don’t wait for an attack to occur before taking action. Ensure that you have a team constantly searching for potential threats, both inside and outside the network.
  3. Utilize AI and Machine Learning: Traditional security systems often fall short when it comes to detecting today’s complex attacks. Invest in AI-driven solutions that can recognize patterns and respond quickly to suspicious activities.
  4. Manage access strictly: Insider threats are a serious danger. Ensure you have strict access controls in place and continuously monitor who has access to which systems and data.
  5. Monitor cloud environments closely: With the shift to cloud computing, it is essential to have a clear view of what is happening in your cloud environments. Attackers are increasingly targeting these areas, so make sure your cloud security is robust.

In short…

“The CrowdStrike 2024 Threat Hunting Report provides valuable insights into the modern threat landscape and confirms much of what we already know: threats are becoming more complex, attacks more sophisticated, and response times shorter. As a Cyber Security Specialist, it is clear to me that the future of security lies in a proactive, intelligence-based approach, supported by the power of AI. By combining these approaches, we can ensure that our organizations are not only protected against today’s threats but also prepared for the challenges of tomorrow.”

“Let’s work together towards a safer digital future!”

“Do you have questions or want to learn more about how to better secure your organization? Feel free to reach out via my LinkedIn profile!”

~ Marcel Krommenhoek
