The ongoing situation in Eastern Europe is troubling and unfortunate. Our hearts go out to those in Ukraine who currently suffer under the threat of the Russian army and are mourning the loss of their loved ones. While those of us in the US come nowhere close to facing a similar threat, the conflict has brought about substantial levels of discussions around cyberattacks, and cybersecurity. Crowdstrike is a company in this space, one which we follow closely. The primary protection the company provides is known as endpoint security. An endpoint is like, as the name implies, a singular point in a broader network. Examples of endpoints include desktops, laptops, and mobile devices. When an endpoint is attacked, malicious code, or malware, infiltrates the device and puts valuable data (both on the device and in the network) at risk. Phishing emails are just one example of how malware targets endpoints. Crowdstrike sells millions of dollar’s worth of cybersecurity each year to protect against these types of attacks. For decades, malware was the ‘bullet’ used to target endpoints. But on their most recent earnings call, Crowdstrike executives spoke of how the nature of contemporary cyberattacks was shifting away from using malware to target endpoints. In CEO George Kurtz’s words: “Last year, 62% of attacks we observed were malware-less with most of these involving compromised identities” (1) . Without getting too technical, this basically means hackers are less and less doing things like sending files or email attachments to break into a computer’s operating system. The hacker is able to disrupt the normal functioning of a computer and bend it to their will. From here, credentials can be stolen, and even more sensitive data in other places can be compromised (2). Follow the second link below for more information on these attacks. Stay safe, both digitally and physically, in the meantime.
Source: 1. CrowdStrike Holdings, Inc. (CRWD) Q4 2022 Earnings Call Transcript (msn.com) 2. Next Generation Cyber: Malware-Free Attacks - Infosecurity Magazine (infosecurity-magazine.com)
Comentários