OMNINET PLUS Blog

OMNINET Plus has been serving the Washington D.C. metropolitan area since 1994, providing IT Support such as technical help-desk support, computer support, and consulting to small and medium-sized businesses.

Cyberattack Discovery Time is Decreasing (But This Isn’t All Good News)

Research has revealed that cyberattacks are spending less and less time on their targeted networks before they are discovered. This may sound like a good thing (a faster discovery of a threat is better than a slower one, after all), but unfortunately that is not the case.

Let’s explore this trend, and what it implies for your cybersecurity.

Understanding the Concept of Dwell Time

Dwell time is the length of time that a cyberattack is present on a network before it is detected. According to figures compiled by Mandiant, the median dwell time around the world is 24 days. This number continues a decade-long trend of shortening dwell times, with 2011 seeing a median dwell time of 416 days.

So, over the past ten years, the median dwell time has shrunk to about a fifth of what it once was.

On the surface, this sounds great… and it makes sense, too. Organizations are investing more into their cybersecurity, so their policies are better and they are simply more able to detect threats. Therefore, cyberattacks aren’t spending nearly as much time on a network before the infiltrated business becomes aware of them, so the damage they can do should be limited… right?

As much as we’d like to wrap this blog up right here and say “Right, and here are some best practices to follow…” we can’t. The situation is just a bit more complicated, and those complications are important.

The Shifting Threat Landscape Plays a Role

Here’s the thing: as the time that cyberattacks spend undetected on a network has shrunk, the methodology behind the attacks (more specifically, the type of attack commonly being used) has shifted. Nowadays, ransomware plays a much larger part, increasing from 14 percent in 2019 to 25 percent in 2020.

Ransomware (the malware that locks down a targeted system and demands payment to release it) has a much shorter dwell time than most other attacks. Taken as a group, other attack methods had a median dwell time of 45 days. Ransomware: just five. This difference is what contributed to the overall median dwell time of 24 days.

So, these shorter dwell times can be attributed to ransomware intrusions progressing to full-scale attacks much more quickly.

Ransomware Has Gotten Worse

Unfortunately, a business’ troubles don’t end there. In addition to these accelerating attacks, hackers have grown more aggressive. This has translated to higher ransom demands, as well as the unsettling development of so-called “multifaceted extortion”—where the attacker threatens to also publish the data they steal if payment isn’t made.

Other Attacks Are Still Prevalent, Too

Businesses still need to worry about other methods of attack as well. For instance, exploits (code that takes advantage of programming bugs or other vulnerabilities) have risen in popularity again as a way for an attacker to first get into a business’ network. They’re now seen in 29 percent of intrusions, as compared to phishing attacks and their 23 percent prevalence.

Attackers also commonly misused tools that are meant to give security teams the resources needed to run their evaluations. These backdoors were found in 24 percent of incidents. Moreover, privately developed malware (the kind that makes responding to a security incident more challenging) was seen in 78 percent of attacks.

This Is All Concerning, So Your Business Needs to Prepare Accordingly

How do you do that? Proactively, and keeping in mind that the modern threat landscape is just too diverse to be covered by a single, simple fix. The measures needed to respond to each type of threat are all very different.

If you’re finding this to be a lot to deal with, you aren’t alone, and you don’t have to attend to all this alone, either. OMNINET PLUS and our team of experts can help you ensure that your business’ network is fully secured and monitored against threats of all kinds. To find out more about what we can do, check out some of the services we offer and give us a call at 301-869-6890.
