When a Russian nation-state actor attacks a government or a private organization, they have about 20 minutes to detect and contain the attack. From a report: New statistics published today by US cyber-security firm Crowdstrike ranked threat groups based on their “breakout time.” “Breakout time” refers to the time a hacker group takes from gaining initial access to a victim’s computer to moving laterally through its network. This includes the time the attacker spends scanning the local network and deploying exploits in order to escalate his access to other nearby computers.
[…] According to data gathered from 2018 hack investigations, CrowdStrike says Russian hackers (which the company calls internally “Bears”) have been the most prolific and efficient hacker groups last year, with an average breakout time of 18 minutes and 49 seconds.
Read more of this story at Slashdot.
Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/3EPaLCl4BXk/you-have-around-20-minutes-to-contain-a-russian-apt-attack