Cybercriminals wiped out telemetry logs in 82% of attacks

by FutureCISO Editors
December 4, 2023
Image by Tumisu from Pixabay


Sophos released its Active Adversary Report for Security Practitioners, which found that telemetry logs were missing in nearly 42% of the attack cases studied. In 82% of attacks, cybercriminals disabled or wiped out the telemetry to hide their tracks.

Time is critical

“Time is critical when responding to an active threat; the time between spotting the initial access event and full threat mitigation should be as short as possible. The farther along in the attack chain an attacker makes it, the bigger the headache for responders.

Missing telemetry only adds time to remediations that most organisations can’t afford. This is why complete and accurate logging is essential, but we’re seeing that, all too frequently, organisations don’t have the data they need,” said John Shier, field CTO at Sophos.

Slow and fast attacks

In the report that covers Incident Response (IR) cases analysed from January 2022 through the first half of 2023, Sophos finds that “fast attacks” accounted for 38% of the cases studied.

These are ransomware attacks with a dwell time of less than or equal to five days. “Slow” ransomware attacks, with more than five days of dwell time, account for 62% of the cases.

The report found that organisations will not need to reinvent their defensive strategies as dwell time shrinks because, at a granular level, “fast” and “slow” ransomware attacks differ little in the tools, techniques, and living-off-the-land binaries (LOLBins) they deploy.

However, fast attacks can be more destructive because they require a more immediate response, especially with the lack of telemetry.
