Security News > 2023 > August > Ransomware hackers dwell time drops to 5 days, RDP still widely used
Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm.
In the first half of the year the hackers' median dwell time dropped to five days from nine in 2022.
Statistics from cybersecurity company Sophos show that the overall median dwell time for all cyberattacks was eight days in the first half of the year, down from ten in 2022.
The average dwell time stands at 15-16 days across all cases, while the maximum observed this year was over three months.
Attackers used RDP mostly for internal activity and only in 18% cases externally.
For these reasons, Sophos recommends companies to make securing RDP a priority because denying this type of access could make a hacker spend too much time and effort to break in, which translates into more time to detect the intrusion.
News URL
Related news
- Kimsuky hackers use new custom RDP Wrapper for remote access (source)
- Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)