
Brute force cyberattack techniques saw a 12% surge in 2024
A recent report by Elastic examined global threats, covering security tools, malware attacks, and cloud environment security.
The report highlights the success of adversaries utilizing offensive security tools (OSTs) — tools designed to find security vulnerabilities proactively — in addition to misconfigured cloud environments and a growing focus on credential access.
Key findings from the report:
- Adversaries are utilizing readily available tools.
  - Approximately 54% of observed malware alerts were related to offensive security tools (OSTs) like Cobalt Strike and Metasploit.
  - Cobalt Strike was responsible for 27% of malware attacks.
- Enterprises are mishandling cloud configurations, giving adversaries opportunities.
  - Close to 47% of Microsoft Azure issues were linked to misconfigurations in storage accounts.
  - Nearly 44% of Google Cloud users failed security checks, particularly in BigQuery due to inadequate customer-managed encryption.
  - S3 checks represented 30% of Amazon Web Services (AWS) failures, specifically due to security teams not implementing multifactor authentication (MFA).
- Following successful defense evasion strategies, attackers are increasingly using legitimate credentials to gain access.
  - Approximately 23% of all cloud behaviors were related to Credential Access, predominantly in Microsoft Azure environments.
  - There was a 12% rise in Brute Force techniques, accounting for nearly 35% of all techniques in Microsoft Azure.
  - While endpoint behaviors represented about 3% of total behaviors in Linux, 89% of them involved brute-force attacks.
  - Defense Evasion behaviors have decreased by 6% over the past year.