CrowdStrike Says Attackers Are Moving Through Networks in Under 30 Minutes (cyberscoop.com)
- Reference: 0180855154
- News link: https://it.slashdot.org/story/26/02/24/1911240/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes
- Source link: https://cyberscoop.com/crowdstrike-annual-global-threat-report-attack-breakout-time/
> Cyberattacks reached victims faster and came from a wider range of threat groups than ever last year, CrowdStrike said in its annual global threat report released Tuesday, adding that cybercriminals and nation-states increasingly relied on predictable tactics to evade detection by exploiting trusted systems.
>
> The average breakout time -- how long it took financially-motivated attackers to move from initial intrusion to other network systems -- [1]dropped to 29 minutes in 2025 , a 65% increase in speed from the year prior. "The fastest breakout time a year ago was 51 seconds. This year it's 27 seconds," Adam Meyers, head of counter adversary operations at CrowdStrike, told CyberScoop. Defenders are falling behind because attackers are refining their techniques, using social engineering to access high-privilege systems faster and move through victims' cloud infrastructure undetected.
[1] https://cyberscoop.com/crowdstrike-annual-global-threat-report-attack-breakout-time/
we finally found (Score:2)
A use case for LLMs
Re: (Score:2)
Indeed. Although this has been expected for a while. Time to build actually secure systems and throw out the current mainstream crap.
Oh No! (Score:2)
What shoudl we do? Should we secure our systems?
No! Buy CrowdStrike, instead.
NGL, the product is top notch.
Re: (Score:2)
I've never understood the appeal of a self-updating cloud-connected system that has more access to your systems than you do. I mean, I do as I'm told, and I know that crowdstrike at its worst is still better than most of the alternatives, but still.
Re: (Score:2)
I'm just waiting for the day that Crowdstrike is compromised and is used as an attack vector.
Until then Crowdstrike is one of the resource hogs that slows down your computer.
Re: (Score:2)
Until they render your computer unbootable anyway
Re: (Score:3)
Hey! nobody hacked those computers while they were unable to boot!
They all envy crowdstrike (Score:2)
They all envy crodstrike for their global complete-DoS capabilities eehhh special features! ;)
"Adversary" (Score:2)
It's irritating to me that the word "adversary" has started being used to mean "attacker". They are not the same thing. An adversary is an idealized opponent with certain well-defined capabilities often seen in cryptographic proofs or threat models. It's not the same as an attacker, which is a concrete person, or group of persons, having attacked a system or is currently in the process of doing so.
Re: (Score:2)
An attacker that can pivot or move laterally within 27 seconds of initial breach is a rather "idealized opponent with certain well-defined capabilities".
So, there's that.
I refer to rage against the acronym LOLBins. They're just stupidererer.
Re: (Score:2)
Yeah but it sounds cooler, so...
Re: (Score:2)
Says you. [1]https://csrc.nist.gov/glossary... [nist.gov]
[1] https://csrc.nist.gov/glossary/term/adversary
Re: (Score:2)
I expect some state-run outfits have complained about being called "attackers". Same thing with backdoors.