Chief Marketing Officer
When cybercriminals exploit a new vulnerability and attack a big brand company, it dominates news headlines. Yet, the reality is that adversaries persist in the shadows, long after initial reports fade from public view.
Take the mass exploitation of the MOVEit Transfer vulnerability as just one example. In late May 2023, Progress Software first disclosed a zero-day vulnerability in its managed file transfer solution. The Clop ransomware gang leveraged the vulnerability to breach MOVEit Transfer servers and steal customers’ sensitive data, threatening to publish the data if they didn’t receive payment.
Here we are at the end of 2023, and Delta Dental of California and its affiliates are warning nearly seven million patients that their personal data was exposed. Unfortunately, we expect new MOVEit breaches will continue well into 2024.
So why do these attacks linger?
Dwell Time is a Cybercriminal’s Best Friend
What’s often missed is the concept of ‘dwell time’—the period hackers remain undetected within a system before they attack. Dwell time is the cyber criminal’s best friend. It’s the grace period that allows them to navigate stealthily through networks.
Dwell time gives the hackers the most significant (or only) advantage they need: TIME. On average, adversaries lurk for 6 months. During this time, they’re exploring, locating your valuable information, and determining the most opportune time to strike.
Often, attacks are launched over weekends and holidays, when hackers expect fewer security staff to be working.
Dwell Time is a Ticking Time Bomb
By the time a breach is detected, the cost to the organization can be monumental, ranging from loss of sensitive data to crippling ransomware demands. According to Verizon’s 2023 Data Breach Investigations Report, attacks are accelerating, and 95% are financially driven.
Reducing dwell time is not just a security challenge; it’s a business imperative. Dwell time can lead to severe financial and reputational damage.
Strategies to Detect and Respond Swiftly
The thing is, even in a constantly evolving threat landscape, the security fundamentals haven’t changed. It’s not about chasing the latest tool but about applying time, resources, and experience to create a comprehensive, layered defense.
A layered defense strategy means protecting not just one vector but all potential entry points to a network. This requires a synergy of controls and visibility across all layers of the infrastructure—from email and DNS to network and endpoints.
To minimize dwell time, businesses need to:
- Implement real-time threat detection systems
- Conduct regular security audits and penetration testing
- Foster a culture of security awareness among employees
- Ensure that you have a cohesive, layered defense strategy
- Have 24×7 Security Operations for a quick response
Vigilance is Key
Without an early warning system and preventive measures, you can’t know if you’ve already been compromised. Beyond detection, once a threat is identified, it’s critical to quickly block and eradicate it.
Long after the latest exploit has left the headlines, it still lingers in the wild—even as new threats emerge. In a continually shifting environment, your security head has got to be on a swivel. Tactics change. Tools that once set the gold standard become relics. You need expert eyes on glass 24×7.
DataEndure: Your Constant Defender
Waiting to react to the threats of tomorrow isn’t an option, and we invite you to join us in a more secure future. For four decades, DataEndure has led the way through change, transforming potential risks into assured resilience.
Everything we do is about ensuring your business success—and it all comes down to timing. Our ability to eradicate bad actors before they can take you down is unprecedented. While the industry average for nefarious dwell time is 6 months, we decrease dwell time to just 6 minutes.