Cyber-attacks have sped up in 2024, with breakout times shortened by 22% compared to the previous year. ReliaQuest’s analysis of customer data reveals that attackers are now moving faster from initial access to lateral movement within networks. The fastest breakout time recorded was just 27 minutes, almost half the average of the previous year, highlighting the increasing difficulty for security teams to contain threats in real-time. With manual incident response strategies often taking over eight hours to contain attacks, organizations are losing the battle against increasingly efficient cybercriminals.
Several factors have contributed to this acceleration of attacks. Infostealers and initial access brokers (IABs) have become more prevalent, leading to quicker exploitation of vulnerabilities.
In 2024, there was a dramatic rise in infostealer logs and IAB listings on the dark web, enabling attackers to purchase immediate access to networks, often with admin-level privileges. This drastically reduces the time it takes to move laterally within networks, allowing threat actors to deploy ransomware or steal data with minimal delay.
Ransomware actors have also innovated, developing specialized attack techniques to speed up the process. Ransomware-as-a-service (RaaS) affiliates now specialize in specific stages of the attack, making the process more efficient. Each affiliate can focus on one task, such as breakout, which speeds up the entire process. The report also highlights the use of IT helpdesk vishing, with attackers leveraging voice phishing to quickly gain access and establish command-and-control connections, further reducing breakout times.
ReliaQuest also points to the increasing role of artificial intelligence (AI) in speeding up cyber-attacks. AI enables threat actors to automate reconnaissance, spot vulnerabilities faster, and adapt their exploitation techniques in real-time. With the help of AI, attackers can generate attack scripts, bypass detection, and deploy payloads much more rapidly, reducing breakout time significantly. This technological evolution, combined with the increased efficiency of attackers, has made it more difficult for organizations to defend against evolving cyber threats.