Attack velocity surges with average breakout time down to only 62 minutes

2024-02-22 05:30

Adversaries increasingly exploit stolen credentials.

The report indicates that the average breakout time is down to only 62 minutes from 84 in the previous year.

The report notes a sharp increase in interactive intrusions and hands-on-keyboard activity as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.

Adversaries turned their sights to the cloud through valid credentials - creating a challenge for defenders looking to differentiate between normal and malicious user behavior.

"Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe. Rapidly evolving adversary tradecraft honed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations," said Adam Meyers, head of Counter Adversary Operations, CrowdStrike.

"To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk," added Meyers.

News URL

https://www.helpnetsecurity.com/2024/02/22/stolen-credentials-exploit/

#attack