We live in a dynamic world, one that evolves every microsecond. To match the pace, people often use a hack for every knack. Whether it is to solve a problem we face in daily life or to break into personal information, a hack is used everywhere.
With rapid advancements in technology, attackers started finding it harder to break into servers, as defences would soon sound the alarm and stop the intrusion. But lately, ransomware threat actors have found a way to move faster. They aim for speed so that they are inside the servers before the alarms go off.
These malevolent actors are spending less time navigating through compromised networks with each passing day. The median dwell time has dropped from nine days in 2022 to five days lately.
Read ahead to find out more about this space.
Sophos's Take on Cyberattacks
Sophos is well known for its cyber-security applications. It is a company that creates computer security software for businesses. It is used by over 20,000 enterprises worldwide.
As per the statistics from Sophos, the overall median dwell time for cyberattacks has reduced from ten days in 2022 to eight days in the first half of 2023.
It also stated that, of all kinds of cyberattacks, ransomware attacks account for 68.75% this year.
While the median dwell time for ransomware attacks reduced, the same for non-ransomware incidents increased from eleven to thirteen days this year.
Digging deeper, the average dwell time for all kinds of cyberattacks stands at fifteen to sixteen days, with the upper cap at over three months.
The above information clearly shows how critical ransomware attacks are and how fast they have become. While other attackers tend to linger and wait for the right time to strike, ransomware attackers use their speed to create the right moment for themselves.
The Leak of Data
Data exfiltration increased by 1.3% this year, reaching a high of 43.42% of the total cases.
With such high numbers, it is evident that data theft is increasing in prevalence.
The first half of 2023 saw a drop in such attacks to 31.58% as compared to 42.76% in 2022.
This trend is paralleled by a rise in incidents where no data exfiltration occurred, increasing from 1.32% to 9.21%. These shifts indicate an evolving strategy among cybercriminals, focusing on targeted data theft rather than indiscriminate attacks.
The Attack Pattern
Digging deeper into the Sophos data reveals a surprising pattern in the days and times of these attacks. It came to light that these threat actors strategically prefer to hit organisations on Tuesdays, Wednesdays, and Thursdays.
These are the days when everyone is swamped with work and, in the current scenario, IT teams are understaffed and most likely to neglect a threat under the deadlines and pressures they face.
While other attackers strike when companies have a lot on their plate, ransomware attackers tend to strike on Fridays and Saturdays, right when companies are slowest to react with the weekend around the corner.
The Detriment of RDP
In simple words, RDP connects people to their devices remotely.
While this technology is of great use and offers a lot of benefits, it also leads to leaks and the creation of vulnerable entry points for hackers to get into the servers and access all your data.
The data discloses that one of the most favoured tools is Remote Desktop Protocol (RDP), which is built into most Windows devices.
“Combined with the fact that the use of compromised credentials is rampant and that single-factor authentication is the norm, it’s no mystery why attackers love it,” Sophos says.
The statistics shared by Sophos also indicate that 95% of intrusions involved RDP as the access point. However, RDP is mostly used for internal activities, and only in 18% of cases is the software used externally.
Given the above, companies are strongly advised to secure their RDP with the help of software partners such as Medigate. While complete security is never promised, the shield acts as a layer of protection by making it much more difficult for an attacker to get into the server. The added time and effort this costs the attacker makes it easier for defenders to detect such intrusions and take action.
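For defenders who want to see where RDP is actually being used, the following added example (not from Sophos or the original article) reviews successful RDP logons in a Windows Security log export and flags external sources, Friday or Saturday sessions, and successes that follow failed attempts. The CSV column layout, the function names, the sample rows and the RFC 1918 definition of "internal" are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed sample (not real data): Security log exported to CSV.
# 4624 = logon success, 4625 = logon failure, LogonType 10 = RemoteInteractive (RDP).
SAMPLE_CSV = """TimeCreated,EventID,LogonType,TargetUserName,IpAddress,Computer
2023-06-13T09:14:02,4624,10,jsmith,10.20.1.15,FS01
2023-06-14T10:02:40,4624,2,jsmith,-,WS114
2023-06-16T22:41:10,4625,10,svc_backup,203.0.113.50,RDGW01
2023-06-16T22:41:19,4625,10,svc_backup,203.0.113.50,RDGW01
2023-06-16T22:41:33,4624,10,svc_backup,203.0.113.50,RDGW01
2023-06-17T02:05:51,4624,10,svc_backup,10.20.1.40,DC01
"""

# Assumption: "internal" means RFC 1918 space; replace with your own ranges.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    try:
        ip = ip_address(addr)
    except ValueError:
        return False  # missing or garbled source address: leave it for review
    return any(ip in net for net in INTERNAL_NETS)

def review_rdp_logons(csv_text, min_failures=2):
    """Return one finding per successful RDP logon, with review flags."""
    failures = {}  # (source address, user) -> failed RDP attempts so far
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["LogonType"] != "10":
            continue  # not an RDP session
        key = (row["IpAddress"], row["TargetUserName"])
        if row["EventID"] == "4625":
            failures[key] = failures.get(key, 0) + 1
        elif row["EventID"] == "4624":
            flags = []
            if not is_internal(row["IpAddress"]):
                flags.append("external-source")
            if datetime.fromisoformat(row["TimeCreated"]).weekday() in (4, 5):
                flags.append("fri-sat")  # Friday or Saturday
            if failures.pop(key, 0) >= min_failures:
                flags.append("after-failures")
            findings.append((row["TimeCreated"], row["TargetUserName"],
                             row["IpAddress"], row["Computer"], flags))
    return findings

if __name__ == "__main__":
    for finding in review_rdp_logons(SAMPLE_CSV):
        print(finding)
```

Where Network Level Authentication is enabled, failed RDP attempts are often recorded as LogonType 3 rather than 10, so the failure count here is a lower bound.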
The above article delves deep into the ongoing cyberattacks in the current dynamic world.
It is essential to take steps to secure your devices and safeguard yourself and your company from various threats.
A daily essential is to regularly check your data to ensure that there is no suspicious activity and that the network is secure. Storing data for a reasonable time also helps with detecting threats, which in turn helps you make a move to combat them before it is too late.
Partner with Medigate today to secure yourself from ransomware attacks. With the current pace they are at, it is of paramount importance to secure your devices before the incident takes place. Partner today to prioritise security measures and embrace strategies to defend against a wide range of cyber threats, ensuring the protection of critical data and operations.