Cybercriminals hide in the system for an average of eleven days

Sophos has published free annual playbook. The report describes the behavior as well as tools and techniques and procedures of hackers. Above all, the results also show how long intrusions into systems go undetected.

Sophos

Sophos has published its "Active Adversary Playbook 2021." In the booklet, the cybersecurity company describes which tools are typically used in cyberattacks. The report is based on findings of tools, techniques and procedures used by hackers. It examined telemetry data and 81 investigations of various incidents by the Sophos managed threat response team. The report focuses on better identifying attack tactics in networks. The results show that attackers typically linger on the network for eleven days before they are even detected. Ransomware was involved in 81 percent of cases, and the remote desktop protocol (RDP) was used to infiltrate networks in 69 percent of cases.

The eleven-day dwell time on networks compares to 264 hours for potential criminal activity such as access theft. Eleven days is an infinite amount of time to cause damage on a company's network, according to Sophos. The Remote Desktop Protocol (RDP) played a role in 90 percent of the attacks.

"The threat landscape is becoming increasingly confusing and complex. Cybercriminals are launching their attacks with a wide variety of skills and resources, from script kiddies to state-backed hacker groups. This makes the job difficult for defenders," said John Shier, senior security advisor at Sophos.

Other topics from the Advisory Playbook (free) are the most commonly used attack techniques and tactics, the earliest signs of an attack, the most commonly observed threat types, and the most commonly identified hacker groups.

Source: Sophos

(Visited 47 times, 1 visits today)

More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link