Attackers take under two hours to access private data, Microsoft report

Cybercriminals are using phishing attacks to access private data in under two hours. And the median time for an attacker to begin moving laterally within a corporate network if a device is compromised is one hour, 42 minutes, according to a threat intelligence report by Microsoft

Cybercriminals using phishing attacks can access private data in under two hours shared the threat intelligence report from Microsoft | Photo Credit: Getty Images

Between July 2021 and June 2022, the tech giant removed over 5,31,000 unique phishing URLs and 5,400 phish kits, leading to the closure of over 1,400 malicious email accounts that collected stolen customer credentials, the report said.

Microsoft estimates 80% of ransomware attacks can be traced to common configuration errors in software and devices.

The report has highlighted how specialisation and consolidation of the cybercrime economy have fueled ransomware-as-a-service (RaaS), becoming a dominant business model, enabling a wider range of criminals to deploy ransomware, regardless of their technical expertise.

The RaaS economy allows cybercriminals to purchase access to ransomware payloads and data leakage as well as payment infrastructure. Industrialisation of cybercrime has created specialised roles, like access brokers who sell access to networks, the company said.

Attackers take under two hours to access private data, Microsoft report

Cybercriminals are using phishing attacks to access private data in under two hours. And the median time for an attacker to begin moving laterally within a corporate network if a device is compromised is one hour, 42 minutes, according to a threat intelligence report by Microsoft

Related Topics