Explore the Adversary Universe

February 22, 2021

| | Counter Adversary Operations
Since the beginning of CrowdStrike’s history, we have relentlessly pursued cyber adversaries across the internet, because we knew back when we started the company as we do now, it doesn’t matter whether we are discussing a ransomware attack, an advanced nation-state or politically motivated hacktivists — it’s not a malware problem, it’s an adversary problem.

 

These adversaries are humans, and by studying these attackers and their operations, we can learn much about their capabilities and intentions so that we may inform our customers what data and assets they are targeting and, most importantly, how to best defend the things they must protect against these persistent and dedicated adversaries. CrowdStrike customers already understand the value in this approach — the Falcon OverWatch™ team stopped over 75,000 intrusions in 2020, the CrowdStrike Intelligence team produced thousands of intelligence reports on over 150 adversaries that are tracked today, and the Professional and Managed Services teams have engaged in countless incident responses, adversary evictions and coordinated remediations.

 

With the increasing pace of activity in mind, CrowdStrike is unveiling a project we have dubbed the Adversary Universe. The goal of this dedicated website is to provide customers, researchers and those looking for more information about the threat landscape with a view of the threats that they face every day, from either a victim vertical or an adversary intelligence profile perspective. It is our hope that, armed with this information, network defenders will be better equipped to defend their enterprises against some of the most persistent adversaries on the internet today, and we will continue to provide new updates and information through the Adversary Universe to ensure they can defend against the threats of tomorrow.

 

In addition to the adversary intelligence presented through the Adversary Universe, we are very excited to introduce the eCrime Index (ECX). The ECX is meant to gauge the overall health of the digital underground economy, similar to indexes tracking the stock markets or global economy. The ECX looks at a variety of factors, including ransom demands, cryptocurrency fluctuations, vulnerabilities and exposures, and many other observables that, when weighted and averaged, provide a sense of what's going on in the underground and what we can expect in the future. It will be updated weekly. As we monitor this index, we will share our findings with the world in blog posts and social media to bring awareness and visibility to the seedy underbelly of the internet and the criminals who profit from the misfortune of others. We invite researchers, journalists and enthusiasts to keep an eye on this index and explore what this data can reveal about what adversaries are up to and how market changes may impact their decisions and operations.

Additional Resources

Breaches Stop Here