“Malware-free” attacks mount in big breaches, CrowdStrike finds

Stolen credentials, exploits of command-line tools used in 66 percent of attacks. Despite the rise of massive crypto-ransomware attacks, an even more troubling trend emerged in data gathered by the security firm CrowdStrike this past year and published in the company’s 2017 “Intrusion Services Casebook.” The majority of attacks the company responded to did not leverage file-based malware but instead exploited a combination of the native software of victims’ systems, memory-only malware, and stolen credentials to gain access and persist on the targeted networks. And the average attack persisted for 86 days before being detected.