In the second half of 2023 [3], security experts observed a significant increase in hands-on attacks, posing a challenge for defenders [5].


Security experts observed a 73% increase in hands-on attacks in the second half of 2023 compared to the previous year. The average breakout time decreased to just 62 minutes [3] [6], with the fastest attack recorded at 2 minutes 7 seconds [2] [6]. Threat actors are exploiting stolen credentials for initial access [2], with identity-based attacks accounting for 75% of detections [3]. Cloud intrusions have increased by 75% [1] [2], with technology [4], telecoms [4], and finance sectors experiencing the highest number of intrusions [4]. Adversaries are focusing on accelerating initial access through various means [4], including phishing, social engineering [1] [4], and exploiting vulnerabilities [4]. Generative AI is expected to be used for cyber activities in 2024 [2], with 34 new threat actors emerging [1].


The rise in hands-on attacks and interactive intrusions highlights the need for organizations to enhance their cybersecurity measures. With the increasing use of social engineering and phishing campaigns [1], it is crucial for defenders to stay vigilant. State-sponsored adversaries targeting elections and the spread of misinformation through AI-generated content on social media pose significant challenges. Organizations must adopt a platform approach to protect against evolving adversary tradecraft and mitigate future cyber threats.