2024 Threat Hunting Report

The 2024 CrowdStrike Threat Hunting Report reveals how threat actors have evolved their techniques in response to stronger security postures across industries. CrowdStrike OverWatch identified a significant 55% year-over-year increase in interactive intrusions, with 86% linked to financially motivated eCrime adversaries. These adversaries leveraged stealth, speed, and cross-domain tactics—often operating across identity, endpoint, and cloud environments. CrowdStrike’s AI-powered Falcon® platform, combined with expert human-led hunting, continues to be pivotal in detecting and neutralizing such threats early.

The report outlines the surge in hybrid and insider threats, emphasizing that sectors like healthcare, technology, and professional services are primary targets. Notable adversaries include SCATTERED SPIDER and FAMOUS CHOLLIMA, who exploited legitimate tools and credentials to maintain persistence. Key insights include:

• 55% increase in interactive intrusions year-over-year
• 86% of these intrusions linked to eCrime actors
• Cloud-based attacks rose by 75% as adversaries pivot infrastructure
• Identity-based attacks helped bypass traditional EDR systems
• Insider threats tied to over 100 targeted U.S. companies

CrowdStrike's findings highlight the importance of proactive, cross-domain hunting powered by both AI and skilled analysts to stay ahead of modern threat actors. The report underlines a key message: in the face of adaptive adversaries, the fusion of technology and human expertise is essential to defend against today’s most dangerous cyber threats.