You Have Around 20 Minutes To Contain a Russian APT Attack

When a Russian nation-state actor attacks a government or a private organization, they have about 20 minutes to detect and contain the attack. From a report: New statistics published today by US cyber-security firm Crowdstrike ranked threat groups based on their "breakout time." "Breakout time" refers to the time a hacker group takes from gaining initial access to a victim's computer to moving laterally through its network. This includes the time the attacker spends scanning the local network and deploying exploits in order to escalate his access to other nearby computers.

[...] According to data gathered from 2018 hack investigations, CrowdStrike says Russian hackers (which the company calls internally "Bears") have been the most prolific and efficient hacker groups last year, with an average breakout time of 18 minutes and 49 seconds.

Re:The same dudes that "investigated" the DNC serv

Crowdstrike story

They have a history of blaming Russia for every hack even if Russia was not involved. They have 2 big cases where they falsely blamed Russia, one a hack in the Ukraine, the second the DNC email server. That's right, the DNC server that the FBI never examined, we were told was hacked by Russia by Comey. Well the people who told him admitted they lied, before Comey came out and told Congress under oath.

So Crowdstrike yelling "RUSSIA!!!" isn't new. Them providing proof would be.