A really interesting article about a recent study from CrowdStrike. The premise of the article is that while cyber-attacks surged last year, 62% of those attacks did not involve malware. What does this mean? It means that old-fashioned intrusion methods are still very much alive and well today.  

It also means that we should not rely exclusively on malware intrusion defense technologies. Layered approaches to cybersecurity for MSP and customers alike are what is required. MSPs need to adopt and promote technologies to identify and prevent these non-malware intrusions.  

Highlights:  

• “non-malware, hands-on-keyboard activity” still a dangerous reality for MSPs and customers. This means we should not place all our eggs into one basket, namely email defense and scoring. 
• industrial and engineering sectors most targeted
• “Threat actors continue to exploit vulnerabilities across endpoints and cloud environments, and ramp up innovation on how they use identities and stolen credentials to bypass legacy defenses – all to reach their goal, which is your data,” according to George Kurtz, CrowdStrike’s CEO. 
• Recent claims by CISA that moving to the cloud will make us safer, may not be accurate.

 

MSP Zone Reading Material: https://www.infosecurity-magazine.com/news/threefifths-of-cyberattacks-2021/

This episode is sponsored by VULTR: www.vultr.com