
FireEye Report: Detection Improving, but Hackers Are Changing Tactics

"Attackers are following the data"

By CBR Staff Writer

The amount of time that actors are spending within systems has decreased by more than 300 days over the last eight years, from 416 days in 2011 to 55 days last year.

This is according to the 2019 trends report from California-based cyber security company FireEye and its subsidiary Mandiant. They reported that last year the median dwell time a hacker spent within a system was 55 days, nearly half the time of the previous year.

Mandiant calculate dwell time as the number of days that an attacker is present within a machine without detection. A threat actor with prolonged access to your system represents a grave threat when it comes to data theft and obfuscation.

The cyber security researchers note that detection processes are getting better year on year, giving hackers less time to carry out long excursions inside enterprise networks. Companies are also continually working on developing and improving their internal bug hunting capabilities alongside their network and endpoint security.

However, they also point out that a change in techniques and targets by threat actors may also be a key factor in decreasing dwell times, saying: “We attribute the reduction in dwell time to the uptick in financially motivated compromises such as ransomware and business email compromise, which tend to have both immediate impact and immediate detection by the targeted organization.”

In the report they note the growing trend of attacks against cloud providers: “As more and more customers move to software as a service and cloud, attackers are following the data,” Mandiant state. While this trend may not be hugely surprising, they anticipate that it will be the key trend of 2019 — as cloud providers and other large online data managers are prime targets for threat actors hoping to just slice off a small percentage of the huge stores of sensitive data such companies possess and process.
