Macatawa Technologies Logo

Cyberattacks are Happening Faster with Less Time for Early Detection

In what sounds like a positive shift, cybersecurity experts have announced their research has found that cyberattacks are spending less time on the networks they infiltrate. Unfortunately, this isn’t such a clear-cut positive. Today, we’ll discuss “dwell time” and how less of it is a problem.

What Is Dwell Time?

Dwell time is a term that’s used a lot in technology. Typically, it is used to measure how long a user stays on a particular webpage, but in this context it is the duration a threat comes in contact with the network’s filter before it is detected by the software or a technician. You may be surprised to learn that in the latter context, the median dwell time for malicious code is 24 days. This may seem like an eternity, but just 10 years ago the median dwell time of a threat was well over a year at 416 days.

It’s reasonable to assume that since people are more cognizant of web-based threats and therefore are investing more time and money into cybersecurity initiatives, that the number would shrink rapidly. It stands to reason that the shorter the dwell time is, the more apt a program designed to catch cybersecurity threats would be able to quarantine and eliminate the threat, right? Unfortunately, it’s not so simple.

New Threats Complicate Things

Many of the attacks we see today are far more sophisticated than they were a decade ago. Threats like ransomware, for instance, are now used more today, and dwell time isn’t as big of an issue. In fact, while your average attack method has a dwell time of 45 days, ransomware’s average is just five before it is deployed and causes you to be locked out of your files or systems. Ransomware doesn’t sit on the network, it is deployed and devastates quickly.

Ransomware Is More Sophisticated

Today more hackers are deploying more ransomware than ever and it’s a major point of emphasis that every network administrator should understand. Not only that, ransomware tactics are becoming more aggressive. Now there is a situation called a “multifaceted extortion” where ransomware is deployed and instead of deleting or stealing the data, they threaten to publish it publicly. Most organizations would do anything to keep their intellectual property and the sensitive information of their clients, vendors, and workers confidential.

It’s Not Just Ransomware

Network administrators need to be aware that it’s not just ransomware they have to be on the lookout for. Unpatched software exploits have exponentially risen recently. In fact, over one-quarter of all hacks (29 percent) happen because hackers find an exploit in a business’ network. Phishing, which is often cited as the most dangerous hacking method only accounts for 23 percent.

Prepare Your Business’ Network

With the threat landscape the way it is, it is important that you diligently patch your software, keep your tools updated and actively train your employees to help you keep threats off your network. At Macatawa Technologies, we can help. Give us a call at 616-394-4940 to learn more about how to ensure your business can navigate through the minefield that’s out there today.


Recent Articles

Security Awareness & Why It’s Important

While tools like Multifactor Authentication (MFA) and Password Managers address account security, there is an even bigger risk within your organization - your end users. Did you know that people account for 95% of cyber-attacks? All it takes is one employee mistake to...

Improving Account Security

Passwords. These simple letters, numbers, and symbols are the keys to accessing some of the most valuable things in life. You need them to access your social media, email, bank and investment accounts. You need them to order take-out, book a flight, or to place an...

You may also like…