"Attacker Breakout Time Falls to Just One Hour"

Security experts at Crowdstrike recorded a surge in “hands-on-keyboard” threats in 2023, with the average time it took to move laterally from initial access dropping 35% annually to just 62 minutes.  The researchers noted that this so-called “breakout time” is a critical factor in how successful attacks are, as it signifies how long defenders have to detect and contain threats before attackers are able to conduct reconnaissance, establish persistence, and locate their targets.  The figure decreased from 84 minutes in 2022, although the fastest recorded breakout time last year was two minutes and seven seconds.  The researchers noted that the technology (23%), telecoms (15%), and finance (13%) sectors recorded the largest share of intrusions last year.  Overall, Crowdstrike noted a 60% annual increase in the number of these more advanced “interactive intrusion” or “hands-on” campaigns during 2023.  The researchers stated that once an initial compromise occurs, it only takes seconds for adversaries to drop tools and/or malware on a victim’s environment during an interactive intrusion.

Infosecurity Magazine reports: "Attacker Breakout Time Falls to Just One Hour"