New reports suggest that the cyber attacks threatening businesses like yours are getting smarter, stronger, and faster. Advances in cheap computing power, AI, and even hacking techniques themselves mean today’s cyber criminals are accomplishing more with less and doing so using some tactics that are downright frightening.
Much of the research stems from the CrowdStrike 2024 Global Threat Report, a wide-ranging report with tons of observations and takeaways.
Here’s what you need to know about the latest research — and how to keep your business as safe as possible.
Breakout Times Are Getting Faster
The first big takeaway was how much shorter breakout times became year over year.
Breakout time is how long it takes a cyber attacker to move from the initial point of entry to some other system or area. In other words, it’s how long it takes between when the thief picks the lock (“I got in!”) and when the thief moves into the next room and starts stealing stuff (“I found something worth stealing!”).
So what did the report show? In previous years the average breakout time was between 79 and 84 minutes. In 2023 it dropped to just 62 minutes.
That’s just over an hour that your business has to realize there’s been an intrusion and take whatever steps needed to get the intruder out of the system.
The fastest breakout time in the report? Just over two minutes. Yikes!
Malware Isn’t the Top Attack Method — People Are
Another alarming observation from the report: it’s not just about malware anymore. In fact, malware is only involved in around 25% of attacks. That means while all the advice you’ve heard about not opening suspicious attachments is still good advice, it only deals with around 1 in every 4 attacks you might encounter.
So what was the common denominator for the remaining 75% of cyber attacks?
People.
These attacks are almost always identity-based. The bad guys buy lists of stolen credentials from access brokers on the dark web, or they just steal the credentials from you directly through the same kinds of phishing and spear-phishing schemes we’re constantly talking about on our blog.
That means the same advice we always give — better security training, long and unique passwords, using a password manager, and enabling two-factor authentication (2FA) or multi-factor authentication (MFA) — are still the right things to do.
Unfortunately, even some of these best practices are no longer entirely safe.
Cyber Attackers Employing Advanced Tactics to Break 2FA and MFA
Latest reports are showing another worrisome trend: some attackers are finding ways to break 2FA and MFA.
That’s definitely a bad thing, but first, the good news: none of these are particularly easy to do, so the likelihood of getting hit at complete random by a 2FA-busting attack isn’t incredibly high.
But if someone is intentionally targeting you, the likelihood does shoot up.
Most of the methods of breaking 2FA and MFA aren’t technological hacks per se, they’re just more social engineering. Users still have to input a secondary code to log in. But what the bad guys have done is figure out some clever ways to intercept those codes (SIM swapping) or to trick people into giving them up (over the phone, by email, or even by chat).
The scariest of them all are man-in-the-middle or attacker-in-the-middle attacks. With these, the attacker sets up between you and the site you’re trying to log into, scooping up either your 2FA code or even your session cookie. The semi-good news is that (as you might expect) the scariest attack is also the hardest to pull off, so there’s a little less risk that your small business will be targeted in this way.
Despite the recent increase in sophistication of these attacks, you still have options to get protected. The best defense is a good defense, one that’s set up and maintained by professionals who understand the nature of these evolving threats.
If you’re ready to discuss what a solid cybersecurity response plan looks like for your business, reach out to our team.