Ransomware Attacks Speed up 44% Leaving Less Time for Detection and Response

Ransomware Attacks Speed UpNew data suggests that the gangs and toolkits behind current ransomware attacks are materially improving their abilities, resulting in a speeding up of attacks before defenses kick in.

It’s the last thing we want to hear; the threat actors are winning. But, according to Sophos’ 2023 Active Adversary Report for Tech Leaders report – at least when looking at threat actor dwell time – it seems to be the case. Dwell time is that time between when a threat actor first achieves initial access to when they actually carry out their attack.

Last year (according to Sophos) the median for ransomware attacks was just 9 days. Today, it’s just 5.

That’s a 44% improvement where threat actors are able to perform the needed discovery, lateral movement, privilege escalation, etc. needed to attack. The only good news here is that, for non-ransomware attacks, the median dwell time rose from last year’s 11 days to 13 this year.

Regardless of how you look at it, the reality is that single-digit day dwell time is now the assumption. You have just days to determine whether an attacker is on your network until they wreak havoc on your organization.

This is why I’m so passionate about Security Awareness Training as a means to thwart these attacks before the attacker has enough access to start the “dwell time” clock. If users never fall for phishing or social engineering attacks, the ability for the threat actor to gain entrée to your organization’s network is significantly reduced.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews