Cybersecurity company Sophos has recently released its Active Adversary Report for Tech Leaders 2023. The report highlights a few important findings about cyberattacks in the first half of 2023 as follows:
1) Decrease on Dwell Time
Dwell time is basically the attack detection speed of a computer security network. It is calculated based on the time from the start of a cyberattack to when it’s detected. Sophos found that the time it takes to detect a cyberattack has decreased. In 2022, it took an average of 15 days to detect an attack, but in 2023, this time has been reduced to just 8 days. For ransomware attacks, it’s even shorter, at 5 days.
2) Attacks on Active Directory
Active Directory (AD) is a crucial part of a company’s computer network. According to Sophos, attackers now take less than a day (approximately 16 hours) to breach and gain control of AD. This is a concerning trend because having control of AD gives attackers significant power over the company’s systems and data.
3) Ransomware Attacks
Ransomware attacks were the most common type investigated in the report, making up 69% of cases. Most ransomware attacks occurred outside of regular working hours, with 81% of them launching their final damaging actions outside of business hours.
4) Detection Timing
Interestingly, the report shows that the number of attacks detected increases as the week progresses, with a notable spike in ransomware attacks on Fridays and Saturdays.
5) Security Tools
The report mentions that while there have been improvements in security tools and technologies, attackers are still finding ways to infiltrate networks. The key to better security is not just having the right tools but also actively monitoring for threats.
In conclusion, this report serves as a reminder that cyberattacks are evolving, and businesses need to stay vigilant and invest in both advanced security tools and continuous monitoring to protect their data and systems.
You can find more detailed information in the full article on the Sophos’ website.