Attend IT Limited Blog

Cyberattack Discovery Time is Decreasing (But This Isn’t All Good News)

Cyberattack Discovery Time is Decreasing (But This Isn’t All Good News)

Research has revealed that cyberattacks are spending decreasing amounts of time on their targeted networks before they are discovered. While this may sound like a good thing—a faster discovery of a threat is better than a slower one, after all—this unfortunately is not the case.

Let’s explore this trend, and what it implies for your cybersecurity.

Understanding the Concept of Dwell Time

Dwell time is the term for the duration that a cyberattack is present on the network before it is detected. According to figures compiled by Mandiant, their researchers have found that the median dwell time around the world is 24 days. This number continues a decade-long trend of shortening dwell durations, with 2011 seeing a median dwell time of 416 days.

So, over the past ten years, the median dwell time has shrunk to about a fifth of what it once was.

On the surface, this sounds great… and it makes sense, too. Organizations are investing more into their cybersecurity, so their policies are better and they are simply more able to detect threats. Therefore, cyberattacks aren’t spending nearly as much time on a network before the infiltrated business becomes aware of them, so the damage they can do should be limited… right?

As much as we’d like to wrap this blog up right here and say “Right, and here are some best practices to follow…” we can’t. The situation is just a bit more complicated, and those complications are important.

The Shifting Threat Landscape Plays a Role

Here’s the thing: as the dwell time that cyberattacks spend on a network undetected has shrunk, the methodology behind the attacks—more specifically, the type of attacks commonly being used—has shifted. Nowadays, ransomware plays a much larger part, increasing from 14 percent in 2019 to 25 percent in 2020.

Ransomware (the malware that locks down a targeted system and demands payment to release it) has a much shorter dwell time than most other attacks. Taken as a group, other attack methods had a median dwell time of 45 days. Ransomware: just five. This difference is what contributed to the overall median dwell time of 24 days.

So, these shorter dwell times can be attributed to ransomware intrusions progressing to full-scale attacks much more quickly.

Ransomware Has Gotten Worse

Unfortunately, a business’ troubles don’t end there. In addition to these accelerating attacks, hackers have grown more aggressive. This has translated to higher ransom demands, as well as the unsettling development of so-called “multifaceted extortion”—where the attacker threatens to also publish the data they steal if payment isn’t made.

Other Attacks Are Still Prevalent, Too

Businesses still need to worry about other methods of attack as well. For instance, exploits (codes that take advantage of programming bugs or other vulnerabilities) have risen in popularity again as a way for an attacker to first get into a business’ network. They’re now seen in 29 percent of intrusions, as compared to phishing attacks and their 23 percent prevalence.

Other commonly used tools included misused tools meant to provide security teams with the resources needed to run their evaluations. These backdoors were found in 24 percent of incidents. Moreover, privately-developed malware—the kind that makes responding to a security incident more challenging—was seen in 78 percent of attacks.

This Is All Concerning, So Your Business Needs to Prepare Accordingly

How do you do that? Proactively, and keeping in mind that the modern threat landscape is just too diverse to be covered by a single, simple fix. The measures needed to respond to each are all very different.

If you’re finding this to be a lot to deal with, you aren’t alone—and you don’t have to be to attend to all this, either. Attend IT Limited and our team of experts can help you ensure that your business’ network is fully secured and monitored against threats of all kinds. To find out more about what we can do, check out some of the services we offer and give us a call at 020 8626 4485.

Getting Accessible Internet to the Disabled Isn’t ...
Looking Into the Growth of Digital Services

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Network Security Business Computing Tip of the Week Cloud Best Practices Productivity Data Backup Managed IT Services Hackers Data Recovery communications Privacy Disaster Recovery Hosted Solutions VoIP Backup Malware Data Business Continuity Business Small Business Outsourced IT Email IT Support Innovation IT Services Cloud Computing Internet Software Cybersecurity Phishing Computer Productivity Efficiency Mobile Devices IT Support Saving Money BDR Hardware Ransomware Business Management Internet of Things Upgrade Server Automation Information Technology Smartphone Managed IT services Microsoft Collaboration Managed IT Covid-19 Mobile Device Management Network Mobility User Tips Risk Management Budget Workplace Tips BYOD Compliance Meetings Save Money Windows 7 Wi-Fi Communication Gadgets Managed Service Provider Mobile Device Quick Tips Artificial Intelligence Avoiding Downtime Remote Computing Wireless Computers Firewall Managed Service Smartphones Spam MSP Passwords Virtual Private Network Training Employee-Employer Relationship Password Data Management Remote Work History Human Resources Users Hosted Solution Cost Management Microsoft Office Google Machine Learning Android IT Service Devices Employer-Employee Relationship Telephone Systems Router Value Paperless Office Manufacturing Document Management Conferencing Hybrid Cloud Time Management Software as a Service End of Support Data Breach Content Filtering Saving Time Data Security Windows 10 Business Technology Hard Drives Recovery Marketing Redundancy Remote Workers Solid State Drive Audit Printing Telephony Tech Term Wireless Internet Big Data Networking Instant Messaging VPN Automobile Personal Information Wireless Technology Blockchain Gamification Leadership Professional Services Workers Bandwidth Payment Cards Telephone Voiceover Internet Protocol Cost Social Media The Internet of Things Analysis Virtual Assistant Video Conferencing Proactive IT Private Cloud Colocation Holiday Going Green Proactive AI Streaming Government Education Cleaning Mobile Computing Applications Monitoring Voice over Internet Protocol Managed Services Money Work/Life Balance Commerce Lifestyle Travel Chromebook Project Management Business Telephone Remote Phone System Black Market Alexa for Business Outsource IT Hacking Upgrades Hacker Entertainment Samsung Azure Application Business Intelligence Spyware Management Printers e-waste Fiber Optics Office 365 Flexibility IoT Students Utility Computing Mobile Office Bitcoin Disaster Smart Tech Vendor Backup and Disaster Recovery Smartwatch Computer Repair Dark Web Browser Cybersecurty iPhone Save Time Smart Technology Windows 10 HIPAA Cybercrime SMB Active Directory Workstations Customer Service Two-factor Authentication App Apple Financial Technology Windows Server 2008 Facebook Social Engineering Unified Communications Development Finance Operating System Encryption Electronic Medical Records Connectivity Break/Fix Window 10 Printer intranet Remote Working Virtualization Evernote WPA3 Downtime Advertising Company Culture Vulnerability Regulation Wasting Money Windows Server SaaS Managed IT Service User Error Employees Update Remote Monitoring Help Desk Infrastructure OneNote Word Streaming Media Online Storage PCI DSS Office Data Protection Shadow IT Nanotechnology Mobile File Storage E-Commerce Legal Copiers Laptop Computing Amazon Data Loss Administration Antivirus Transportation Payroll Videoconferencing Content Filter Customer Relationship Management Regulations Compliance Search Worker Commute Scam IT Management Cortana Access Control ROI Hosted Desktop USB Books Root Cause Analysis Hard Drive Scams Telework Sabotage PDF Experience Best Practice FAQ Benchmarks Unified Threat Management Screen Mirroring Google Docs Ciminal Twitter How To Windows 10s Outlook Retail Bring Your Own Device Digital Signage Settings Google Maps Projects eCommerce Identities Memory Admin Windows Server 2008 R2 Smart Devices Biometrics Virtual Reality Augmented Reality Google Drive Updates Employee Managed Services Provider Audits Computer Forensics Hyperlink PC Apps Computer Fan Adobe Chrome Wireless Charging App store Relocation Cast Microsoft Excel Current Events Hard Disk Drive Shortcut Websites Computer Tips Law Enforcement Worker Business Strategy Alert Policy Legislation Troubleshooting Tablets Microsoft Word Facebook Privacy Solutions File Sharing Gmail Wasting Time Innovations Text Messaging Music WannaCry Mobile Security Information Internet Service Provider Video Games Consultant Robot Excel Gifts Data Theft Reputation Battery Tech Support YouTube Procedure Scalability Computer Accessories Emails IT Solutions Comparison Language Keyboard Shortcuts CRM Television CrashOverride NFL Maintenance HBO Storage PowerPoint Accessory Server Maintenance Inventory Office Tips Analytics Computer Care Licensing Identity Myths Health Point of Sale Fraud Display Holidays Organization Internet Exlporer Webinar WIndows Server 2008 Specifications Keyboard HaaS Safety Miscellaneous eWaste Testing 5G Touchscreen Sports IT budget Peripheral Investment Communitications Reviews Unsupported Software Data Privacy Threats Workstation Windows Identity Theft Politics Charger iOS Sync Credit Cards Security Cameras Processor Net Neutrality Social WiFi Data Storage Edge Google Assistant Co-Managed Services OneDrive Humor Vendor Management IT solutions Patch Management Sales Virus Financial Micrsosoft Managing Stress Emergency Windows Ink Device Security Camera Medical IT