CYBER Insights » THREAT INTEL: MANDIANT – found that attacker dwell time decreased in 2023

THREAT INTEL: MANDIANT – found that attacker dwell time decreased in 2023

CYBER Insights | Cyber Crime
Image Credit: IfOnlyCommunications

Gibraltar: Thursday 27 June  2024 at 10:30 CET

THREAT INTEL: MANDIANT – found that attacker dwell time decreased in 2023

By Andy Jenkinson – Guest Contributor |  Group CEO Cybersec Innovation Partners
via IainFRASER.net/CYBERInsights
First for SME Cybersecurity News
Google Indexed on 270624 at 11:05 CET

#SMECyberInsights #SMECyberNews #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI #CyberCrime #DwellTime

What Is Dwell Time In Cybercrime?

Dwell Time is the number of days, months, or even years that have passed before a discovery of unlawful access.

In some cases discovery is NEVER made as those securing fail to look at critical DNS, PKI, and Servers. Many systems are constantly and unknowingly accessed with threat actors ‘Living off the Land’ indefinitely.

Yesterday, a major Stock Exchange that trades a Billion shares a day and who suffered a cyberattack in 2018 were completely unaware, until we informed them, that their IPv4 servers were compromised. These servers manage their critical domains which hid a spurious, unlawful Chinese domain/redirect.

We are not privileged to confirm, nor deny if that same inserted Chinese domain was the cause of the 2018 cyber incident, however, it certainly went unnoticed and unknown about for some period of time, possibly many years.

Our reward – after addressing ‘The Chinese Domain’ is to now be ignored, gaslighted, and communications removed in an attempt to hide errors, negligence, and incompetence to cover their tracks. That includes their CEO.

Image_RichardPatterson_Flickr_Ransomware

‘Share and Defend’ more ‘Share and Stabbed’ in the back…

It is all too clear that basic security knowledge and expertise is failing many of the world’s largest companies, agencies, and governments. Then their negligence wrongly blamed on the Cyber Bogeyman as the Cover-Up, Penn and Teller show begins.

In this case, the last laugh will be on this Stock Exchange as there is many more exposed and insecure positions that they will scrabble to try to discover that we already discovered instead of engaging professionally.

So now they are playing Russian Roulette (and Chinese) with the Financial Markets and Regulators due to vanity, egos, arrogance, and ignorance.

That’s not leadership, that borders on being complicit and criminal.

Cybersec Innovation Partners
NYSE
FBI Cyber Division
U.S. Securities and Exchange Commission
The White House
Central Intelligence Agency
London Stock Exchange
Information Commissioner’s Office
Serious Fraud Office (UK)
InternetSecurity
DNS

About Andy Jenkinson

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100’s £ millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world’s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.