Cyber crooks are becoming more resourceful, claims CrowdStrike research

Line between nation state attackers and cyber criminals increasingly blurred as it takes organisations 86 days to detect a breach

Cyber crooks are becoming increasingly resourceful and sophisticated as more opportunities to cause mischief and make money emerge online, according to new research from threat analysis firm CrowdStrike.

Its latest 'Casebook' examines key cyber security trends that have emerged over the past year.

The study, conducted by the company's incident response team, suggests that highly persistent and experienced attackers are continually identifying gaps in organisations' IT infrastructure.

Fileless malware and malware-free attacks continue to dominate, comprising 66 per cent of all cyber security breaches. Cyber criminals are also turning to self-propagation techniques - as reflected by this summer's NotPetya outbreak - enabling to them cause more damage to IT operations.

Attackers are making use of a variety of tactics to compromise company systems, with the most common attack vectors being web servers, shell exploits and file uploaders.

It also appears that the relationship between nation-state sponsored attack groups and eCrime threat actors is beginning to blur, and this is one of the biggest challenges for companies.

CrowdStrike investigated the impact these attacks have on firms, too. In many cases, breaches resulted in companies losing money, intellectual property, personal information and transaction data.

Unfortunately, no business is immune to cyber attacks, and companies need to shift away from traditional security measures and tools to stay ahead of the curve.

To fend off threat actors, CrowdStrike said firms need to keep evolving their cyber security strategies and ensure they're upt-o-date with the latest threats.

It added, though, that organisations are installing new defences. CrowdStrike found that many of its clients are continuing to implement systems to self-detect breaches.

Of the clients it's been working with over the past year, CrowdStrike found that 68 per cent of them claim to have the means to detect a breach internally - up 11 per cent from last year.

Companies are also making improvements to their security postures and are investing in new systems, such as endpoint detection and response (EDR) tools.

Howeer, the average attacker 'dwell time', the amount of time between evidence of a compromise coming to light and its actual detection, is currently estimated at 86 days.

Joe Sturonas, chief technical officer at PKWARE, suggested that the capabilities of cyber criminals will broaden as new technologies, such as artificial intelligence and machine learning, are also deployed in attacks.

"On the one hand, AI can bolster cybersecurity capabilities. However, another possibility is that threat actors will begin to weaponise AI and use it to their advantage," he said.

"AI technology can make decisions independent of human interaction, removing some of the heavy leg-work needed by hackers to target victims in mass.

"As an industry, we need to recognise the role AI plays from the perspective of both the victim and cybercriminal. We need to continue development in AI and ML, ensuring it plays a role in overall cybersecurity strategies - assisting human intellect in a game of survival of the fittest, fighting AI with AI."