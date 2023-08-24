According to an official release, Sophos, a cybersecurity provider, released its Active Adversary Report for Tech Leaders 2023, a report on attacker behaviours and tools during the first half of 2023. After analysing Sophos Incident Response (IR) cases from January to July 2023, Sophos X-Ops is expected to have found the median attacker dwell time.

As per the report, it is believed that the time from when an attack starts to when it’s detected is reduced from 10 to eight days for all attacks, and to five days for ransomware attacks.

“Active Directory infrastructure might be the most powerful system in the network, providing access to the systems, applications, resources and data that attackers can exploit in their attacks. When an attacker controls AD, they can control the organisation. The impact, escalation, and recovery overhead of an Active Directory attack is why it’s targeted,” John Shier, field CTO, Sophos, explained.

The Sophos Active Adversary Report for Business Leaders is expected to be based on Sophos Incident Response (IR) investigations which includes about 25 sectors from January to July 2023. Supposedly, the organisations were located in 33 different countries across six continents. It is believed that about 88% of cases came from organisations with fewer than 1,000 employees.

