Organizations urged to up defense against increasingly speedy cyberattacks
Organizations need to move faster to counter cyberattacks, according to a cybersecurity expert, as the time required for cyber-criminals to illegally access and move from one computer to the next has greatly reduced.
The average time it takes a cybercriminal to infiltrate a second or third device after initially breaking into one computer at a particular organization went down to 84 minutes in 2022, compared to 98 minutes the previous year, according to a report released at the end of February by US-based cybersecurity company CrowdStrike.
“E-crime actors are getting quicker, compared to a year ago in performing their malicious activities,” Fabio Fratucello field CTO at the company told Al Arabiya English at cybersecurity conference GISEC in Dubai on Wednesday.
If cybercriminals can move from one device to another faster, this means the rate at which they can gather information about a company and use this to extort a business also speeds up, putting companies at greater financial risk.
“Adversaries [attackers] are embracing new and emerging technology to effectively run their operation as a business,” Fratucello continued.
“[And] we [companies] need to improve at equal speed, so that we can continue to stay ahead of the game.”
Over the course of 2022, the number of criminals using Cloud technology to exploit organizations grew by 95 percent, which indicates a larger trend of e-crime and nation-state actors increasingly exploit cloud technology, according to the same report from CrowdStrike.
Half of IT professionals also believe newly released ChatGPT will be used to successfully carry out cyber-attacks, while 71 percent believe foreign nation-states are likely already using the technology, according to a February report from BlackBerry.
According to a recent study by cybersecurity company Trellix, 53 percent of cybersecurity specialists in the UAE alone said they feel they are “fighting a losing battle against cybercriminals.”
“There are technologies out there to stop them [attacks] in progress. But it’s about getting organizations willing to take that step,” Jason Lane-Sellers director of market planning at cybersecurity firm LexisNexis Risk Solutions told Al Arabiya English in a separate interview.
But despite the slow up take, companies seem to be moving in the right direction.According to the same research by BlackBerry, 82 percent of the people managing IT for businesses plan to invest in AI-driven cybersecurity in the next two years.
Almost half – 48 percent – plan to invest before the end of 2023.“I believe we are at the starting point, we’re seeing the momentum. But I believe there’s still a bit to go,” Fratucello said.