Security News > 2023 > August > Ransomware hackers dwell time drops to 5 days, RDP still widely used
Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm.
In the first half of the year the hackers' median dwell time dropped to five days from nine in 2022.
Statistics from cybersecurity company Sophos show that the overall median dwell time for all cyberattacks was eight days in the first half of the year, down from ten in 2022.
The average dwell time stands at 15-16 days across all cases, while the maximum observed this year was over three months.
Attackers used RDP mostly for internal activity and only in 18% cases externally.
For these reasons, Sophos recommends companies to make securing RDP a priority because denying this type of access could make a hacker spend too much time and effort to break in, which translates into more time to detect the intrusion.