Welcome to "The Cyber Cyber." In this critical episode, we dive into the alarming reality of modern intrusion speed, focusing on the sophisticated methods employed by "the enterprising adversary"—threat actors who are increasingly "efficient, focused, and business-like in their approach".
Drawing on elite global threat intelligence, we analyze the race against time that cyber defenders now face:
- Unprecedented Speed: Breakout time—the time it takes an adversary to begin moving laterally across a network after initial access—hit an all-time low, with the average falling to 48 minutes for eCrime actors, and the fastest observed breakout completing in a shocking 51 seconds. This pace demands immediate, real-time response from defenders.
- The Rise of Hands-On Attacks: We detail how adversaries achieve this velocity by abandoning traditional malware in favor of interactive intrusions. In 2024, 79% of detections were malware-free, indicating reliance on hands-on-keyboard techniques that blend in with legitimate user activity. These attacks are increasing, with a 35% year-over-year rise in interactive intrusion campaigns observed.
- Social Engineering as a Gateway: Learn how attackers leverage human weakness to gain initial access. We discuss the explosive proliferation of telephone-oriented social engineering, including how voice phishing (vishing) attacks skyrocketed 442% between the first and second half of 2024. We break down tactics used by groups like CURLY SPIDER, who execute high-speed social engineering intrusions using legitimate Remote Monitoring and Management (RMM) tools like Quick Assist to gain persistence in under four minutes.
- GenAI as a Force Multiplier: We explore how highly effective adversaries across all categories—eCrime and nation-state—have become "early and avid adopters" of generative AI. GenAI serves as a force multiplier, shortening learning curves and increasing the scale of activities. It is actively used to generate highly convincing content for social engineering, enabling specialized actors like FAMOUS CHOLLIMA (DPRK-nexus) to create fake IT job candidates.
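Breakout time as described above can be measured from a host's own event timeline by pairing the first initial-access indicator with the first lateral-movement event that follows it. The block below is an added example, not from the episode or any vendor's tooling; the event format, host names and detail strings are constructed, and the threshold values are the figures cited above.

```python
"""Measure breakout time from a constructed host event timeline.

Added example: pair the first initial-access indicator on a host with the
first lateral-movement event originating from that host, report the elapsed
seconds, and rank it against the 48-minute average and 51-second fastest
breakout figures cited in the episode notes.
"""
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, host, category, detail)
SAMPLE_EVENTS = [
    ("2024-06-01T09:00:00", "ws-17", "initial_access", "Quick Assist session accepted after vishing call"),
    ("2024-06-01T09:02:10", "ws-17", "discovery", "net group 'domain admins' /domain"),
    ("2024-06-01T09:03:35", "ws-17", "lateral_movement", "SMB logon to srv-fs01 as helpdesk-svc"),
    ("2024-06-01T11:00:00", "ws-42", "initial_access", "Phishing payload executed"),
    ("2024-06-01T11:47:00", "ws-42", "lateral_movement", "WinRM session to srv-db02"),
    ("2024-06-01T12:00:00", "ws-99", "lateral_movement", "RDP to srv-app01"),  # no initial access on record
]

AVERAGE_BREAKOUT = timedelta(minutes=48)   # eCrime average cited above
FASTEST_BREAKOUT = timedelta(seconds=51)   # fastest observed breakout cited above


def breakout_times(events):
    """Return {host: seconds} for hosts with an initial access followed by a lateral move."""
    first_access, first_lateral = {}, {}
    # ISO-8601 timestamps sort correctly as strings
    for ts, host, category, _detail in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        if category == "initial_access":
            first_access.setdefault(host, t)
        elif category == "lateral_movement" and host in first_access:
            # Only count lateral movement that follows a recorded initial access
            first_lateral.setdefault(host, t)
    return {h: (first_lateral[h] - first_access[h]).total_seconds() for h in first_lateral}


def classify(seconds):
    """Rank an observed breakout against the episode's reference figures."""
    if seconds <= FASTEST_BREAKOUT.total_seconds():
        return "at or below fastest observed"
    if seconds <= AVERAGE_BREAKOUT.total_seconds():
        return "faster than eCrime average"
    return "slower than eCrime average"


if __name__ == "__main__":
    for host, secs in breakout_times(SAMPLE_EVENTS).items():
        print(f"{host}: breakout in {secs:.0f}s ({classify(secs)})")
```

Hosts whose lateral movement has no preceding initial-access record (ws-99 in the sample) are excluded rather than reported, since the metric only means something when the intrusion's start is known.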
Tune in to understand why prioritizing real-time detection, hardening identity controls, and anticipating the adversary's next move are essential strategies for keeping up with threats that move in less than a minute.