CrowdStrike is introducing memory scanning into the CrowdStrike Falcon sensor for Windows to increase visibility and detect in-memory threats, adding another layer of protection against fileless threats. In recent years, threat actors have increased their dependence on fileless or malware-free attacks.

Read also: Toyota suspends production due to a cyberattack, Enercom suffers satellite outage, and more.

Beyond the disturbing images of the invasion of Ukraine that began February 24 are the invisible cyberattacks that preceded it and continue to be waged on Ukraine by Russian state-sponsored and other threat actors, which also threaten the West. Vedere Labs, Forescout’s threat intelligence and research team, is closely monitoring the evolution of cyber activities connected to the Russian-Ukrainian conflict.

We’d like to start this post by saying that our thoughts are with everyone that is affected by the ongoing conflict in Ukraine. As widely reported in the news, we are also actively monitoring the increased level of malicious cyber activity related to the situation. Businesses should be under no illusions: the cyber security shock waves from the Ukraine crisis will extend across the world. It’s therefore important to stay informed and act quickly so that your business is protected.

Ideally, healthcare would be the last industry to be targeted by hackers and cyberattackers—surely no one would want to cripple critical hospital infrastructure and play around with lives. However, the healthcare industry continues to be the most affected in terms of average data breach cost, peaking at $9.2 million in 2021.

Read also: DeadBolt ransomware targets Asustor NAS devices, logistics company Expeditors falls victim to a cyber attack, and more.

There is already a well-documented history of cyber attacks targeting organizations in Ukraine - including the attack attributed to members of the Russian military intelligence group GRU - NotPetya. This threat actor has previously conducted attacks known as NotPetya, BlackEnergy, and has targeted high-profile events such as the Olympics, as well as perpetrated destructive attacks against Georgia.

Gone are the days when gate-based security processes were the most effective way to ensure security of an organization’s external attack surface. Getting the security team to sign off on every new application or asset before they go live simply is not scalable.

You don’t have to look far for proof that cybercrime is soaring to new heights. Early in the pandemic the U.N. reported cybercrime had increased 600% and other experts estimate damages from global cybercrime to reach $10.5 trillion annually by 2025, up from $3 trillion in 2015. Last year alone, we started 2021 in the fog of the SolarWinds attack and finished with the infamous Log4j vulnerabilities, the full impact of which will take years to understand.

As technology continues to evolve rapidly, so do the techniques used by adversaries. This may be considered a given, but it is important to appreciate how attackers may leverage existing and commonly used applications within an environment to attempt to seize control and achieve their objectives.