Fifty-one seconds. That’s all it takes for an attacker to breach and move laterally across your network, undetected, using stolen credentials to evade detection.
Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, explained to VentureBeat just how quickly intruders can escalate privileges and move laterally once they penetrate a system. “[T]he next phase typically involves some form of lateral movement, and this is what we like to calculate as breakout time. In other words, from the initial access, how long does it take till they get into another system? The fastest breakout time we observed was 51 seconds. So these adversaries are getting faster, and this is something that makes the defender’s job a lot harder,” Meyers said.
Weaponized AI demanding an ever-greater need for speed
AI is far and away an attacker’s weapon of choice today. It’s cheap, fast and versatile, enabling attackers to create vishing (voice phishing) and deepfake scams and launch social engineering attacks in a fraction of the time previous technologies could.
Vishing is out of control due in large part to attackers fine-turning their tradecraft with AI. CrowdStrike’s 2025 Global Threat Report found that vishing exploded by 442% in 2024. It’s the top initial access method attackers use to manipulate victims into revealing sensitive information, resetting credentials and granting remote access over the phone...