Report: Hackers are breaking into networks faster than ever
New data from CrowdStrike describes a rapidly changing cybersecurity threat landscape as hackers become faster and more creative.
In the last 12 months, hackers have managed to accelerate their activity at an alarming rate.
We’re not talking about more attacks but attacks that are faster themselves. According to the 10th Annual CrowdStrike Global Threats ReportAttack startup time (the time it takes for a threat actor to gain initial access to a network) has decreased from 84 minutes in 2022 to just 62 minutes over the past 12 months.
And once inside, it only takes 31 seconds: 31 seconds! – for an attacker to begin deploying tools to explore the compromised network.
Worryingly, the fastest known attack in the last 12 months took just two minutes and seven seconds from initial attempt to actual network access.
Attackers are also becoming smarter and more capable of conducting interactive intrusions: attacks that rely more on the attacker’s ingenuity to exploit stolen credentials and integrate into a network rather than simply deploying malware and letting it do the work. There has been a 60 percent increase in this type of activity.
Similarly, as organizations migrate to the cloud, so do threat actors. Cloud intrusions increased 75 percent over the past year.
But perhaps the most worrying threat is not how hackers are adapting to a changing environment, but rather what they will be targeting in the coming year. CrowdStrike notes that more than 40 democratic elections are looming in 2024, a circumstance that criminals and nation-state actors are likely to take advantage of, disrupting processes or even changing the way people vote through disinformation campaigns driven by AI deepfakes.
China, Iran and Russia are identified as particularly dangerous actors in this regard.
“Throughout 2023, CrowdStrike observed unprecedented stealth operations by brazen e-crime groups, sophisticated nation-state actors, and hacktivists targeting businesses across all sectors around the world. “Rapidly evolving adversarial techniques focused on both cloud and identity at unprecedented speed, while threat groups continued to experiment with new technologies, such as GenAI, to increase the success and pace of their malicious operations,” he said. Adam Meyers, head of adversary fighting. operations at CrowdStrike, in a statement.
“To defeat relentless adversaries, organizations must take a platform approach, driven by intelligence and threat hunting, to protect identity, prioritize cloud protection, and provide comprehensive visibility into areas of business risk.”
You can read the full report here.