Cyberattacks are spending less time on their targeted networks before they are discovered, research revealed. This might sound good on the surface, but unfortunately, it isn’t. Today, we’re going to discuss why cyberattack discovery time is driving more aggressive attack behavior and technology.
Dwell Time
The amount of time a cyberattack is on the network without being detected is called the dwell time. Researchers at Mandiant found that the median dwell time (globally) is 24 days. Luckily, this number has been going down, with it being 416 days in 2011.
So, the dwell time has shrunk to about a sixteenth of what it was over the past ten years. This probably sounds like a great thing but cybersecurity has become more prevalent and companies are creating stronger policies to protect themselves from web threats. So, in theory, since cyberattacks are spending less times in your system, they’re doing less damage… right? Not exactly.
Even though we wish that were the case, and wish we could end this there, this problem is a lot more complicated than that, let’s see why.
The Role Of The Shifting Threat Landscape
Because of the time frame shrinking, cyberattacks have shifted to take on different methodologies. Ransomware has increased from 14 percent in 2019 to 25 percent just last year. Ransomware, if you are not familiar, is the type of cyberattack that targets a system, shuts it down and demands payment to release it. Ransomware is already ahead of the cyberattack discovery time curve, and typically only needs 5 days of dwell time for an attack, which is why it is becoming more prevalent.
Ransomware Is Becoming A Much Worse Issue
With ransomware becoming one of the most popular forms of cyberattacks, the stakes are also rising and hackers are upping the ante. Ransom demands have expanded, asking for higher prices and they often threaten to publish data if the payment isn’t given to them quickly.
Also they can have crippling and far reaching effects depending on the business they target. For instance, the gas shortages we are seeing on the East Coast currently are due to a ransomware attack on Colonial Pipelines.
It Isn’t Only Ransomware
While it has increased, ransomware is not the only threat you should be looking out for. Exploits which are codes that use programming bugs and vulnerabilities to get in, have also increased lately. These are in about 29 percent of intrusions, and phishing attacks are about 23 percent prevalent. Backdoor break ins were in 24 percent, and malware (privately-developed) was seen in 78 percent of these attacks.
What Can Your Business Do To Stay Safe?
Your cybersecurity should always be at the forefront of your team’s needs. You must also understand that your security must be complex because these threats cannot all be treated the same way.
You might need help with all of this, so reach out to MyTek today. We have many security solutions to help your business stay safe and keep cyberattacks away. Call us today at 623-312-2440 to learn more.