Network security has become a pressing concern for businesses as cyber attacks escalate in speed and sophistication. A recent report by Mandiant, a US-based cybersecurity firm, highlights the growing threat of AI-powered attacks on enterprise networks. The study reveals that attackers are now using machines that can operate at speeds far beyond those of human defenders, leaving networks vulnerable to exploitation.
The report notes that modern enterprise networks are highly distributed, with tasks often handed off to partners via software-as-a-service. This has led to a "division of labor" model, where one group uses low-impact techniques to gain access to a network, before handing off the compromised target to a secondary group for further exploitation. This process now occurs at an alarming pace, with the time to hand-off shrinking from over eight hours in 2022 to just 22 seconds in 2025.
The report also finds that the mean time to exploit vulnerabilities is plummeting, with some systems being compromised within seven days of a zero-day exploit being discovered. This rapid pace of attack and exploitation poses a significant challenge to network defenders, who must now contend with highly sophisticated and automated attacks.
The majority of secondary groups conducting hands-on-keyboard operations in compromised networks can be divided into two distinct categories. Cybercriminals are primarily motivated by financial gain, using tools like ransomware, while espionage groups are focused on long-term, stealthy access. The report highlights the need for structural changes to network defenses in order to effectively counter these emerging threats.
Mandiant's findings underscore the urgent need for enterprises to rethink their network security strategies in response to the accelerating pace of AI-powered attacks. As Nigerian businesses increasingly adopt digital technologies, they must prioritize robust network security measures to mitigate the risk of compromise. This includes investing in automated detection and response systems, as well as implementing structural changes to their networks to counter the emerging threats.
