- The pirates make attacks faster than ever, report complaints
- Reliaquet Research indicates that encryption of exfiltrated data becomes less likely
- Phishing remains the upper attack vector
In addition to stimulating businesses around the world, the adoption of AI by security teams and pirates has also changed the cybercrime landscape, with new Researchs by Liviaquet saying that cybercriminals are now faster than ever in violation systems, with the average time between initial access and the lateral movement now only 48 minutes.
Interestingly, the report noted that hackers are counting less and less on encryption, with 80% of all violations involving data exfiltration, but only 20%, including encryption, and many attackers, completely abandoning encryption, focusing only on data theft, “a more in -depth and more profitable approach”, confirms the report.
This suggests that companies may be less inclined to pay ransoms, and pirates contain more success to simply sell stolen data, rather than making requests.
Old habits die hard
It may not be entirely surprising, because less than half of Ransomware incidents lead to payment, and those who pay the ransom, only about 7% in fact completely recover their information – so there is not much incitement on each side.
Research also shows that phishing is once again the higher initial access technique, and 30% of these attacks include harvesting diplomas. Social engineering attacks are also evolving, with the vocal phishing ” now behind 14% of violations – in particular targeting of the manufacturing sector, probably due to frequent computer interactions and mild aid policies ” necessary to manage the high volumes of support requests.
But the results also mean that the security teams will have to rethink their priorities in the coming months, and in 2025, companies will have to strengthen their defenses to avoid any expensive stop time.
“The objective can no longer be solely on the restoration of encrypted systems – strategies must also respond to data confidentiality protection, by managing reputation risks and guaranteeing compliance with regulatory requirements,” added the report.
“To prepare, Ciso must implement defenses to detect and prevent attempts at exfiltration while developing play books that prioritize the continuity and resilience of activities against these evolving ransomware tactics.”
