Attackers Are Striking Faster and Disguising Themselves Better
Security experts are sounding the alarm on a worrying trend that's leaving companies vulnerable to cyber attacks. The time it takes for attackers to exploit a security vulnerability, known as the "time-to-exploit" (TTE), has been plummeting in recent years. This means that malicious actors can now strike faster and become increasingly skilled at concealing their presence in a successfully hacked network.
Experts refer to the time it takes to establish a foothold and then gain unauthorized access to company resources before being detected as "dwell time". The shorter this dwell time, the better for attackers. Even the most talented hacker needs time and can cause more permanent damage the longer they remain undetected and unobserved.
The Fear of Hidden Intruders is Real
Alarmingly, dwell time is increasingly reaching months or even years. Take the case of Sony and the US Office for Personal Management, where attackers were able to operate undisturbed for over 12 months. As a result, more than 10 terabytes of data were stolen from the Japanese technology group.
The fear of hidden intruders is great, as no one can say with certainty whether a malicious listener is already on their own network. It's not just a theoretical concern – it happened in the 2015 Bundestag hack, where strange activities by third parties (Russian APT hacker groups) were detected only through a "friendly" intelligence service.
Increasingly Difficult to Keep Up
This makes it more important than ever to ensure that attackers don't gain access to the system in the first place. However, this is becoming increasingly difficult: the response time available to companies and software operators between the discovery of a vulnerability and its exploitation has fallen rapidly in recent years.
In 2018, experts reported an average response time of 63 days, while in recent years it's dropped to just over a month. In 2023, administrators had an average of only five days to detect and close vulnerabilities – today it's less than three days.
Attackers React, Learn, and Professionalize
In the past, discipline (and awareness) was not as strong in many companies, contributing to the spread of automated attack methods such as worms and viruses. However, in 2022, attacks via N-day vulnerabilities still accounted for 38% of all attacks, but by 2023 this figure had fallen to just 30%.
This might seem like a positive trend, as administrators can now find and fix known vulnerabilities more quickly and effectively. But there's also a downside: over two-thirds of all attacks are now based on zero-day vulnerabilities, with this figure reaching 70% in 2023.
Without automation and standardization of processes, it's impossible for companies to respond to new threats within a reasonable timeframe. The only solution is the use of professional vulnerability management.
Test Now, Buy Here
Greenbone offers solutions that can help companies improve their cybersecurity posture. With automated testing and reporting, administrators can get a quick overview of their current security status and take action to prevent future attacks.