Cyber ​​attackers are attacking faster than ever before

The average time from the initiation of a cyber attack to its detection is shorter than before

Cyber ​​security firm Sophos recently released the Active Adversaries Report for Tech Leaders 2023 report. The report describes the behavior and tools of cyber attackers in the first half of 2023.

In the report, Sophos X-Ops analyzed incidents covered by Sophos Incident Response (IR) from January to July 2023. The analysis shows that the total time from the initiation of a cyber attack to the detection of the attack, has decreased on average. Instead of 10 days, the cyber attacks took place in 8 days. On the other hand, the ransomware attacks occurred within just 5 days. In 2022 , the average duration of attacks decreased from 15 to 10 days.

One of the most important assets for any company is its active directory. According to this report by Sophos X-Ops, on average it took attackers less than a day to reach Active Directory (AD). They can enter it in about 16 hours. Active Directory typically manages identity and access to an organization's resources. That is, if Active Directory is used, attackers can easily log into the system and cause major damage to the system.

Additionally, when it comes to ransomware attacks, 69% of attacks take place within an average of just five days. And in 81% of ransomware attacks, the final payload was launched outside of regular business hours. Again, attacks that took place within a working day took 5 hours. The report also revealed that the number of detected attacks also increased as the week progressed. Whereas nearly half (43%) of ransomware attacks were detected on Fridays or Saturdays.

The “Sophos Active Adversary Report for Tech Leaders” report is based on an investigation into Sophos Incident Response. It took data on 25 sectors of the world where the companies were from a total of 33 different countries from six continents. Eighty-eight percent of the cases were taken from establishments with fewer than 1,000 employees.