Sophos, a UK cybersecurity firm, revealed that organizations take almost 11 days to realize that hackers have breached their corporate network. The majority of the breaches are discovered only after the attack has been launched. In this ZDNet article, Liam Tung shares how hackers dwell in your network without being detected.
When Hackers Dwell
Since cybercriminals can move around in your network under the radar, they get more time to find loopholes and launch a planned, foolproof attack. It takes a few hours to perform hacking activities like ‘lateral movement, reconnaissance, credential dumping, data exfiltration’. So, if the hackers dwell for 11 days, it gives them 264 hours to cause more damage.
Popular threats are ransomware, data theft, cryptomining, trojan viruses in financial institutions, data wipes, and penetration testing. Another popular method is the Remote Desktop Protocol (RDP), which accounts for 30 percent of the attacks. There is a 12-percent chance of phishing attacks, and the remaining 10 percent occur from systems with obsolete security patches.
RDP endpoints are more common than VPN breaches among hackers and are the favorite vector for ransomware activities. ESET, a security firm, reported an 800-percent spike in RDP incidents in 2020 when most organizations moved to remote work models. According to Sophos’s report, “in 41% of cases, RDP was used only for internal lateral movement within the network.”
Several ransomware vendors provide services to cybercriminals. DarkSide is a relatively new player in the market and has already earned $5 million from the recent Colonial Pipeline attack. REvil (Sodinokibi), ‘the most active ransomware threat in 2020,’ collects an average of $260,000 by targeting government and healthcare institutions. Ryuk alone received $150 million in ransom money in 2020. Dharma, Maze, Ragnarok, and Netwalker also top the chart.
US President Joe Biden had a talk with Russia about these attacks. “We have been in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks,” assured Biden. As for your individual efforts, you can shorten the time hackers dwell in your network by responding faster. Also, keep in mind that it is easier to detect ransomware than a data breach.
To view the original article in full, visit the following link: https://www.zdnet.com/article/this-is-how-long-hackers-will-spend-in-your-network-before-deploying-ransomware-or-being-spotted/?&web_view=true