A recent threat report by cybersecurity company Secureworks has revealed a significant decrease in the time it takes cybercriminals to deploy ransomware after compromising their targets. This year, hackers are deploying ransomware within the first 24 hours, compared to an average of 4.5 days last year.
Secureworks warns that 2023 could become the most prolific year for ransomware attacks, with three times as many victims listed on leak sites in May compared to the previous year. While leak sites are noted to be an imperfect metric for assessing the ransomware problem’s size, the report emphasizes that ransomware and data-theft extortion remain significant threats to businesses.
In over 50% of Secureworks’ incident response engagements, hackers successfully executed their malware within just one day of infiltrating a victim’s computer network. The median dwell time has drastically dropped from 4.5 days last year, with 10% of cases witnessing ransomware deployed within five hours of initial access.
This trend may be driven by cybercriminals’ desire to reduce the risk of detection. The report highlights that the cybersecurity industry has improved its ability to detect precursor activities to ransomware attacks, prompting threat actors to focus on simpler and faster operations.
Despite some high-profile takedowns and sanctions, the adaptability of cybercriminals and the emergence of new threat groups continue to fuel the rise in victim and data leaks, maintaining the substantial threat posed by ransomware.