Skip to main content

Surge in long-lasting attacks: 35% exceeded one-month duration in 2024

March 19, 2025

According to the recent Kaspersky Incident Response analyst report, long-lasting attacks that persist for more than a month accounted for 35.2% of the total attacks in 2024.

The Kaspersky Incident Response analyst report offers detailed analysis of cyberattacks that Kaspersky investigated in 2024. It draws upon information from organizations that required assistance during security incidents and identifies emerging trends in threats across different industries and regions. This report serves as a valuable resource for organizations looking to improve their security operations and prepare for future incidents effectively.

The recent report indicates that the average duration of long-lasting cyberattacks, measured in median days, is a staggering 253 days. In response to these incidents, the median duration of incident response efforts was found to be 50 hours, showcasing the complexity and challenge in mitigating the impact of such attacks.

The primary impacts of long-lasting cyberattacks were identified as data encryption and leakage, posing significant risks to organizations. The initial vectors for these attacks predominantly include exploits targeting public-facing applications, leveraging trusted relationships and utilizing valid accounts.

“Understanding the evolving landscape of cyber threats is crucial for any organization striving to safeguard its assets and processes. Our findings reveal that the resilience of cybercriminals grows as technology advances, pushing organizations to not only respond but also to anticipate and adapt their security measures proactively,” comments Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky.

To strengthen your company’s protection against sophisticated attacks, deploy robust cybersecurity solutions and hire qualified practitioners to manage them or adopt managed security services such as Managed Detection and Response and Incident Response. These security services encompass the complete incident management cycle from threat identification to continuous protection and remediation. They assist in safeguarding against evasive cyberattacks, investigating incidents and offering expert support even if a company lacks security workers.

The full Incident Response analyst report 2024 is available via this link.

Surge in long-lasting attacks: 35% exceeded one-month duration in 2024

According to the recent Kaspersky Incident Response analyst report, long-lasting attacks that persist for more than a month accounted for 35.2% of the total attacks in 2024.
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Innovating the industry with a Cyber Immunity approach, Kaspersky safeguards consumers, businesses, critical infrastructure, and governments from cyberthreats, with over a billion devices protected to date.

Kaspersky ensures Cybersecurity True to Business, focusing on providing clear outcomes, protecting revenue, easing workloads and preventing downtime. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services for organizations of every size, from small businesses to large enterprises, combining proven AI-driven protection technologies with simple management and expert support.

Recognized in independent tests and trusted by millions of individuals worldwide and nearly 200,000 organizations, Kaspersky helps detect threats earlier, respond faster and operate with greater confidence and freedom, protecting what matters most to our clients. Learn more at www.kaspersky.com.

Related Articles Press Releases