Hack Durations Shorten While Ransoms Inflate

Cybersecurity firm FireEye combed the files of scores of cyberattacks to determine the average amount of time an attacker has access to a system. The conditions for this duration begin at first contact security bypass and end with proper identification of the threat. Though hacking incident rates aren’t exactly slowing down, the median dwell time of campaigns has finally fallen below a real-time month and stands at 24 days.

The M-Trend 2021 annual threat report, when cross-referencing last year’s metrics, says this represents a halved timetable for mitigating threats. Shaving the security risk detection process down from 56 days to 24 within a calendar year is impressive. Equally encouraging is the progress over the last decade: at that point, cybercrime could operate at a leisurely pace while organization might take a full 12 months to realize infiltration had occurred.

Sadly, hackers are renowned for their preternatural ability to adapt to new environments. While they may be permitted less time to implement their schemes, they’re still raking in cash at disquieting rates. Analysis from North American and European companies found that the ransom for a decryption key has inflated by around $200,000 from 2019 to 2020. This 171% annual increase shouldn’t be taken lightly. Whether or not the timeline is in their favor, hackers are playing a high-stakes game with heavy odds laid against their marks.

The startling increase in profitability is a byproduct of increasingly absurd ransom demands. Pre-2020, the largest ransom paid had been a $5 million sum. COVID-19’s global debut expanded the hacking landscape, so it’s unsurprising that the highest ransom agreement reached to $10 million. That’s notwithstanding another notable doubling of sums; 2020 saw the highest-ever monetary demand for hacking liberation at $30 million, twice what it has been in previous years.

Ransomware group REvil is attempting to break more than a few of these records. They purport to have hacked Quanta Computer, a 3rd party computer supply company in Taiwan, and demanded $50 million in compensation for the return of stolen data. The sizable figure was surely derived from contextual knowledge of Quanta’s public partnerships with more than a dozen U.S. technology firms such as Dell, HP, Blackberry, and Apple.

The lack of an obvious workaround is the cause of pervasive malaise for those under attack. The correlation between streamlined diagnostic agendas and exorbitant ransoms isn’t all that encouraging for victims. Rapid threat detection is a security catch-all philosophy that may halt amateur attempts at data exfiltration, but desperately needs revitalization if the actual security processes are expected to shut out expert hackers. For these malicious campaigns, any window will do. The buck is passed to vulnerable organizations to invest in managed solutions and advanced security protocols for future protection.