Attackers dwelling in compromised networks for months


By Dylan Bushell-Embling
Wednesday, 22 April, 2020

Attackers dwelling in compromised networks for months

Security teams are still struggling to cut down the time attackers spend infiltrating enterprise networks, with hackers routinely dwelling inside compromised networks for 100 days or more.

A survey conducted by Attivo Networks found that 64% of respondents felt that 100 days of dwell time — the timespan between an attacker entering a network and the organisation detecting them — seemed accurate or was too low.

In addition, 22% of respondents stated that they are not tracking dwell time statistics at all, up 7% from last year.

The survey also found that user networks and endpoints are the top concerns for 65% of respondents. Securing the cloud is also a high priority concern among 63% of respondents.

The top attacks concerning defenders remain malware and ransomware. This trend was significantly pronounced among industries most sensitive to data loss or interruptions to normal operations, such as health care, education, energy and utilities, and legal and professional services.

But enterprises are also increasingly adopting security technologies. Respondents believe attackers are most vexed by technologies including traffic analysis (44%), deception technology (40%) and next-generation firewalls (40%).

Meanwhile, three in four respondents have adopted some form of standardised security framework, with the most popular choices being the NIST cybersecurity framework (45%) and the ISO 27000 family of standards (37%).

“Much of this year’s research indicates a continued demand for in-network detection that works reliably across existing and emerging attack surfaces and is effective against all attack vectors,” Attivo Networks Chief Deception Officer Carolyn Crandall said.

“Reducing dwell time has also become an increased focus, as well as adopting technologies that detect attackers inside the network early and accurately. A multilayered strategy of complementary security controls that include new solutions like deception technology is proving to create the most effective control.”

Image credit: ©stock.adobe.com/au/Leo Lintang

Related News

Guest accounts a major threat to IT environments: report

Kaseya's 2026 SaaS Security Report found that SMBs are leaving themselves exposed to attack...

Accenture to spend $6bn growing its OT security business

Accenture has arranged to acquire a majority stake in OT security company Dragos and complete two...

ACSC critical alert for Fortinet Firewalls and VPN Gateways

The Australian Cyber Security Centre has raised an alert that it is aware a widespread malicious...


  • All content Copyright © 2026 Westwick-Farrow Pty Ltd