CrowdStrike has released its 2021 Threat Hunting Report


OverWatch has disrupted a record number of interactive intrusion attempts by identifying malicious activity early and stopping adversaries in their tracks. A new report shares insights from OverWatch’s around-the-clock threat hunting from July 1, 2020 through June 30, 2021.

The 2021 Threat Hunting Report takes a close look at OverWatch’s dataset covering observed interactive threat actor behaviours, which it refers to as “intrusion activity”. It uses this data to examine how threat actors are operating in victim environments, highlighting both rare and common techniques that adversaries are employing.

Key findings from July 2020 to July 2021 include:

  • OverWatch tracked a 60% increase in interactive intrusion activity in the past year.
  • Adversaries have moved beyond malware.
  • ECrime continues to dominate the threat landscape, making up 75% of interactive intrusions.
  • ECrime adversaries are moving with increasing speed in pursuit of their objectives.
  • Targeted intrusion adversaries remain a prominent threat, particularly for the telecommunications industry.

You can read the full report here.