{"id":3679,"date":"2021-12-17T03:48:00","date_gmt":"2021-12-17T03:48:00","guid":{"rendered":"https:\/\/www.adminbyrequest.com\/?p=3679"},"modified":"2026-01-25T07:56:13","modified_gmt":"2026-01-25T07:56:13","slug":"time-flies-when-youre-getting-hacked","status":"publish","type":"post","link":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked","title":{"rendered":"Time Flies When You&#8217;re Getting Hacked"},"content":{"rendered":"\n<p><a href=\"https:\/\/www.ibm.com\/security\/data-breach\" target=\"_blank\" rel=\"noreferrer noopener\">IBM&#8217;s 2021 Cost of a Data Breach Report<\/a>&nbsp;is out &#8211; and it&#8217;s as disheartening as ever.<\/p>\n\n\n\n<p>We&#8217;re ignoring the money side of things today and focusing on the time side, and the sad fact of the matter is&#8230; time is<em>&nbsp;not<\/em>&nbsp;on your side.<\/p>\n\n\n\n<p>The report revealed the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The average number of days it took for organizations to identify and contain a data breach in 2021 was&nbsp;<strong>287<\/strong>.<\/li>\n\n\n\n<li>Of that 287,&nbsp;<strong>212<\/strong>&nbsp;was the average number of days it took&nbsp;<em>solely<\/em>&nbsp;for identification.<\/li>\n\n\n\n<li>A further&nbsp;<strong>75<\/strong>&nbsp;days were required on average to contain the breach after discovery.<\/li>\n\n\n\n<li>The average cost of a data breach with a lifecycle of over 200 days was&nbsp;<strong>$4.87 million&nbsp;<\/strong>USD.<\/li>\n\n\n\n<li>The data breach lifecycle took, on average,&nbsp;<strong>a week longer<\/strong>&nbsp;in 2021 than it did in 2020.<\/li>\n\n\n\n<li>Organizations that had more than a 50% remote-workforce took an&nbsp;<strong>extra 58<\/strong>&nbsp;days to identify and contain the breach.<\/li>\n<\/ul>\n\n\n\n<p>So, there are the numbers, in all their glory. To get a better shot at reducing them, let&#8217;s break them down.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Halt Hackers<\/h2>\n\n\n\n<p>A few years ago at the Microsoft Ignite conference \u2013 an annual event for developers and IT professionals \u2013 Raymond Comvalius did a presentation titled&nbsp;<em>Halt Hackers<\/em>, discussing the increasing sophistication of attacks and what you can do to protect yourself from them.<\/p>\n\n\n\n<p>During the presentation, Raymond discussed a concept called&nbsp;<em>The Attack Timeline<\/em><em>:<\/em>&nbsp;a breakdown spanning from the pre-attack planning stage, to the point of gaining entry, to when the attack is finally discovered.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The Attacker Decision Cycle<\/h2>\n\n\n\n<p><em>Halt Hackers<\/em>&nbsp;likens the hacker decision cycle to the process of physically robbing of a bank.<\/p>\n\n\n\n<p>Before any physical infiltration, there comes an decision cycle or &#8216;plan of attack&#8217; by the bad guys &#8211; because one does not simply rob a bank on a whim (well, the successful bank robbers don\u2019t anyway).<\/p>\n\n\n\n<p>Cyber security infiltrations are no different.<\/p>\n\n\n\n<p>The following four stages comprise the attack cycle:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Observe<\/strong>&nbsp;\u2013 Hackers watch you. They observe what you do in your network.<\/li>\n\n\n\n<li><strong>Orient<\/strong>&nbsp;\u2013 They tailor and adapt to the circumstances within your network, aligning themselves to the environment.<\/li>\n\n\n\n<li><strong>Decide<\/strong>&nbsp;\u2013 They decide on the attack path.<\/li>\n\n\n\n<li><strong>Act<\/strong>&nbsp;\u2013 They use this path to act and bring the entire organization down.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">The Attack Timeline<\/h2>\n\n\n\n<p>The attacker decision cycle described above occurs during the&nbsp;<em>Research and Preparation<\/em>&nbsp;segment of the Attack Timeline below:<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Attack%20Timeline%20Graphic-01.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>According to the timeline, once the&nbsp;<em>Act<\/em>&nbsp;stage of the attacker decision cycle ensues and the first host is compromised, the victim organization has 24 to 48 hours to detect an attack.<\/p>\n\n\n\n<p>After this amount of time, hackers statistically have escalated to domain admin and the company is\u2026 [insert expletive of choice here].<\/p>\n\n\n\n<p>Once domain admin has been compromised and attackers are inside your network, we know they can resist detection there for upwards of 200 days before you find them or find out that you\u2019ve been hacked.<\/p>\n\n\n\n<p><em>Halt Hacker&#8217;s<\/em>&nbsp;makes a note of the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Attacks are becoming increasingly sophisticated. Attack operators are targeting information on any device or service, exploiting any weaknesses they can find.<\/li>\n\n\n\n<li>Attackers often target<strong>&nbsp;Active Directory<\/strong>&nbsp;(<strong>AD<\/strong>), as gaining access to&nbsp;<strong>AD<\/strong>&nbsp;means attackers can cause damage on a much larger scale.<\/li>\n<\/ul>\n\n\n\n<p>o&nbsp;<strong>Active Directory<\/strong>&nbsp;(<strong>AD<\/strong>) is a set of processes and services created by Microsoft for use on Windows operating systems; with one of these services being&nbsp;<strong>Domain Services<\/strong>&nbsp;(<strong>AD DS<\/strong>). A server running&nbsp;<strong>AD DS<\/strong>&nbsp;is also known as a domain controller. It is the center for domain management, essentially used to govern over devices on a network: allowing network admins to create and manage users and domains, access network resources and manage permissions.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Current detection tools often miss attacks, meaning many go undetected until the damage has been done. Hackers enlist many techniques to help them stay hidden; one of these is clearing the&nbsp;<strong>Security Log<\/strong>&nbsp;\u2013&nbsp;<em>Windows Security Event ID 1102<\/em>. Seeing this error can often mean a hacker has done this in an attempt to cover their tracks and the event needs to be investigated.<\/li>\n<\/ul>\n\n\n\n<p>o The&nbsp;<strong>Security Log<\/strong>&nbsp;tracks security-related activity on an IT system, such as log ins or log outs and other security events specific to the system it is logging on.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Response and recovery from a data breach once an attack is discovered is often costly and challenging, requiring advanced expertise and tools.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">The Power of Protecting the Endpoint<\/h2>\n\n\n\n<p>Rather than spending large amounts of money on recovery after suffering from a breach, you ideally need to stop the breach from occurring in the first place \u2013 or at least detect it within the critical 24 to 48 hours that it takes for an attacker to gain domain admin access.<\/p>\n\n\n\n<p>We&#8217;ve discussed attackers exploiting any vulnerability or weakness they can find: one of these is the end user&nbsp;\u2013 the &#8216;doorway&#8217; that attackers often use to gain access to the entire IT network.<\/p>\n\n\n\n<p>Protecting this doorway is achieved by protecting the local administrator &#8211; something you can do with the help of a&nbsp;<strong>Privileged Access Management<\/strong>&nbsp;(<strong>PAM<\/strong>) solution such as Admin By Request.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Privileged Access Management: Admin By Request<\/h2>\n\n\n\n<p><strong>PAM<\/strong>&nbsp;allows you to manage, monitor and secure access to your companies\u2019 network and everything on it.<\/p>\n\n\n\n<p>A good&nbsp;<strong>PAM<\/strong>&nbsp;solution should protect the endpoint: by managing local administrators, reporting changes in the local administrator\u2019s group, monitoring client event logs, and sending alerts to keep you in the know.<\/p>\n\n\n\n<p>All of these mechanisms help to ensure that an attacker can\u2019t escalate to domain admin and then roam undetected on your network for 200 days before being discovered.<\/p>\n\n\n\n<p>Admin By Request\u2019s&nbsp;<strong>PAM<\/strong>&nbsp;solution covers all bases.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Admin By Request manages local administrators by&nbsp;<a href=\"https:\/\/www.adminbyrequest.com\/en\/blogs\/revoke-no-big-deal-no-big-squeal\" target=\"_blank\" rel=\"noreferrer noopener\">smoothly and efficiently revoking administrator rights<\/a>. Limiting the number of privileged accounts in your network lessens the attack surface, making it much harder for hackers to compromise a domain admin \u2013 particularly within 24 to 48 hours.<\/li>\n\n\n\n<li>Admin By Request reports changes in local administrator groups and displays the data within the software\u2019s user portal, using graphics such as the following to illustrate the current status of admins:<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Reporting%20changes.jpg\" alt=\"\"\/><\/figure>\n\n\n\n<p>Changes to local admins or within local admin groups can indicate privilege escalation, which is the goal for many hackers attempting to infiltrate entire networks. Reporting tools such as the one above make it much harder for an attacker to successfully escalate from their first host \u2013 most likely a regular user \u2013 to a privileged account without being detected.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The Admin By Request auditlog monitors what your users are doing when they\u00a0<a href=\"\/en\/blogs\/local-admin-rights-elevation-served-three-ways\" target=\"_blank\" rel=\"noreferrer noopener\">run applications as administrator<\/a>\u00a0or have a\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.adminbyrequest.com\/en\/blogs\/local-admin-rights-elevation-served-three-ways\" target=\"_blank\">timed session as administrator<\/a>\u00a0\u2013 two of the self-initiated methods provided by Admin By Request so that regular users can do what they need to do unhindered. The auditlog reports on user activity that could indicate attempts at privilege escalation. Requests for escalated privileges \u2013 and the logging that goes along with them \u2013 is available via the Admin By Request user portal and the IOS and Android compatible app.<\/li>\n\n\n\n<li>Admin By Request\u2019s alerting keeps you a step ahead of hackers on the attack timeline. As well as sending you email&nbsp;alerts when malware is detected by&nbsp;<a href=\"https:\/\/www.opswat.com\/developers\/metadefender-cloud-api\" target=\"_blank\" rel=\"noreferrer noopener\">Opswat\u2019s MetaDefender Cloud<\/a>&nbsp;\u2013 integrated into Admin By Request \u2013 this&nbsp;<strong>PAM<\/strong>&nbsp;solution also alerts you to the activities it&#8217;s monitored throughout the week&nbsp;in the form of a weekly digest. One of these is administrator groups (see the image above). The weekly digest also covers the following:<\/li>\n<\/ul>\n\n\n\n<p>o User Elevations<\/p>\n\n\n\n<p>o Elevated Applications<\/p>\n\n\n\n<p>o User Installs<\/p>\n\n\n\n<p>o User Requests<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Weekly%20Digest-01.png\" alt=\"\"\/><\/figure>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/www.adminbyrequest.com\/Images\/Blogs\/Weekly%20Digest-04.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Constantly keeping you updated with a weekly breakdown leaves little wiggle room for hackers to move about freely without triggering investigation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>With a comprehensive&nbsp;<strong>PAM<\/strong>&nbsp;solution like Admin By Request managing, reporting, logging, and alerting, the attack timeline is halted long before domain admin can be compromised.<\/p>\n\n\n\n<p>You can rest assured knowing the ability for an attacker to escalate up the ranks of privilege and remain undetected on your network for 212 days is practically impossible.<\/p>\n\n\n\n<p>Many thanks to Raymond Comvalius and Erdal Ozkaya for their work on&nbsp;<em>Halt Hackers<\/em>, and the team at IBM &#8211; the inspiration for this blog.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2021 it took organizations an average of 212 days to discover a data breach &#8211; that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.<\/p>\n","protected":false},"author":2,"featured_media":3680,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[36],"tags":[130,131,90,129,106,149,91,151,150,82,67,68,132,79],"ppma_author":[10],"class_list":["post-3679","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blogs","tag-antimalware","tag-antivirus","tag-cyber-criminal","tag-cyberattack","tag-features","tag-hacked","tag-hacker","tag-infection","tag-infiltration","tag-malware","tag-pam","tag-privileged-access-management","tag-protection","tag-ransomware","entry","has-media"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO Pro 4.9.5.2 - aioseo.com -->\n\t<meta name=\"description\" content=\"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.\" \/>\n\t<meta name=\"robots\" content=\"max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n\t<meta name=\"author\" content=\"S Dodson\"\/>\n\t<meta name=\"keywords\" content=\"antimalware,antivirus,cyber criminal,cyberattack,features,hacked,hacker,infection,infiltration,malware,pam,privileged access management,protection,ransomware\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO Pro (AIOSEO) 4.9.5.2\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Admin By Request \u00bb Local Admin Rights, Managed.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request\" \/>\n\t\t<meta property=\"og:description\" content=\"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2021-12-17T03:48:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-01-25T07:56:13+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/adminbyrequest\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@AdminByRequest\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request\" \/>\n\t\t<meta name=\"twitter:description\" content=\"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@AdminByRequest\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#blogposting\",\"name\":\"Time Flies When You\\u2019re Getting Hacked \\u00bb Admin By Request\",\"headline\":\"Time Flies When You&#8217;re Getting Hacked\",\"author\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/author\\\/sophie-admin#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/Prism2.png\",\"width\":2000,\"height\":1118,\"caption\":\"Orange and black digital artwork of many prisms making a 3d like pathway.\"},\"datePublished\":\"2021-12-17T03:48:00+00:00\",\"dateModified\":\"2026-01-25T07:56:13+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#webpage\"},\"articleSection\":\"Blogs, Antimalware, Antivirus, Cyber Criminal, Cyberattack, Features, Hacked, Hacker, Infection, Infiltration, Malware, PAM, Privileged Access Management, Protection, Ransomware, Steve Dodson\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/category\\\/blogs#listItem\",\"name\":\"Blogs\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/category\\\/blogs#listItem\",\"position\":2,\"name\":\"Blogs\",\"item\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/category\\\/blogs\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#listItem\",\"name\":\"Time Flies When You&#8217;re Getting Hacked\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#listItem\",\"position\":3,\"name\":\"Time Flies When You&#8217;re Getting Hacked\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/category\\\/blogs#listItem\",\"name\":\"Blogs\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/#organization\",\"name\":\"Admin By Request\",\"description\":\"Local Admin Rights, Managed.\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/\",\"telephone\":\"+12622994600\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/Circle-Tick-24.svg\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/adminbyrequest\",\"https:\\\/\\\/twitter.com\\\/AdminByRequest\",\"https:\\\/\\\/www.instagram.com\\\/AdminByRequest\\\/\",\"https:\\\/\\\/www.tiktok.com\\\/@adminbyrequest\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCwq1wlbT9m_z3YH-EPaZqKw\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/adminbyrequest\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/author\\\/sophie-admin#author\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/author\\\/sophie-admin\",\"name\":\"S Dodson\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#webpage\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked\",\"name\":\"Time Flies When You\\u2019re Getting Hacked \\u00bb Admin By Request\",\"description\":\"In 2021 it took organizations an average of 212 days to discover a data breach - that\\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\\u2019ve gained initial access to your system. Here\\u2019s how to disrupt the attack timeline so they can\\u2019t escalate up the ranks of privilege undetected.\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/author\\\/sophie-admin#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/author\\\/sophie-admin#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/Prism2.png\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked\\\/#mainImage\",\"width\":2000,\"height\":1118,\"caption\":\"Orange and black digital artwork of many prisms making a 3d like pathway.\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/blogs\\\/time-flies-when-youre-getting-hacked#mainImage\"},\"datePublished\":\"2021-12-17T03:48:00+00:00\",\"dateModified\":\"2026-01-25T07:56:13+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/\",\"name\":\"Admin By Request\",\"alternateName\":\"ABR\",\"description\":\"Local Admin Rights, Managed.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.adminbyrequest.com\\\/en\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<script type=\"text\/javascript\">\n\t\t\t(function(c,l,a,r,i,t,y){\n\t\t\tc[a]=c[a]||function(){(c[a].q=c[a].q||[]).push(arguments)};t=l.createElement(r);t.async=1;\n\t\t\tt.src=\"https:\/\/www.clarity.ms\/tag\/\"+i+\"?ref=aioseo\";y=l.getElementsByTagName(r)[0];y.parentNode.insertBefore(t,y);\n\t\t})(window, document, \"clarity\", \"script\", \"n4woz8og40\");\n\t\t<\/script>\n\t\t<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https:\/\/www.googletagmanager.com\/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer',\"GTM-PGQ6572W\");<\/script>\n\t\t<!-- All in One SEO Pro -->\r\n\t\t<title>Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request<\/title>\n\n","aioseo_head_json":{"title":"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request","description":"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.","canonical_url":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked","robots":"max-snippet:-1, max-image-preview:large, max-video-preview:-1","keywords":"antimalware,antivirus,cyber criminal,cyberattack,features,hacked,hacker,infection,infiltration,malware,pam,privileged access management,protection,ransomware","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#blogposting","name":"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request","headline":"Time Flies When You&#8217;re Getting Hacked","author":{"@id":"https:\/\/www.adminbyrequest.com\/en\/author\/sophie-admin#author"},"publisher":{"@id":"https:\/\/www.adminbyrequest.com\/en\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2022\/10\/Prism2.png","width":2000,"height":1118,"caption":"Orange and black digital artwork of many prisms making a 3d like pathway."},"datePublished":"2021-12-17T03:48:00+00:00","dateModified":"2026-01-25T07:56:13+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#webpage"},"isPartOf":{"@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#webpage"},"articleSection":"Blogs, Antimalware, Antivirus, Cyber Criminal, Cyberattack, Features, Hacked, Hacker, Infection, Infiltration, Malware, PAM, Privileged Access Management, Protection, Ransomware, Steve Dodson"},{"@type":"BreadcrumbList","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en#listItem","position":1,"name":"Home","item":"https:\/\/www.adminbyrequest.com\/en","nextItem":{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en\/category\/blogs#listItem","name":"Blogs"}},{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en\/category\/blogs#listItem","position":2,"name":"Blogs","item":"https:\/\/www.adminbyrequest.com\/en\/category\/blogs","nextItem":{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#listItem","name":"Time Flies When You&#8217;re Getting Hacked"},"previousItem":{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#listItem","position":3,"name":"Time Flies When You&#8217;re Getting Hacked","previousItem":{"@type":"ListItem","@id":"https:\/\/www.adminbyrequest.com\/en\/category\/blogs#listItem","name":"Blogs"}}]},{"@type":"Organization","@id":"https:\/\/www.adminbyrequest.com\/en\/#organization","name":"Admin By Request","description":"Local Admin Rights, Managed.","url":"https:\/\/www.adminbyrequest.com\/en\/","telephone":"+12622994600","logo":{"@type":"ImageObject","url":"\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked\/#organizationLogo"},"image":{"@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked\/#organizationLogo"},"sameAs":["https:\/\/www.facebook.com\/adminbyrequest","https:\/\/twitter.com\/AdminByRequest","https:\/\/www.instagram.com\/AdminByRequest\/","https:\/\/www.tiktok.com\/@adminbyrequest","https:\/\/www.youtube.com\/channel\/UCwq1wlbT9m_z3YH-EPaZqKw","https:\/\/www.linkedin.com\/company\/adminbyrequest\/"]},{"@type":"Person","@id":"https:\/\/www.adminbyrequest.com\/en\/author\/sophie-admin#author","url":"https:\/\/www.adminbyrequest.com\/en\/author\/sophie-admin","name":"S Dodson"},{"@type":"WebPage","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#webpage","url":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked","name":"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request","description":"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/www.adminbyrequest.com\/en\/#website"},"breadcrumb":{"@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#breadcrumblist"},"author":{"@id":"https:\/\/www.adminbyrequest.com\/en\/author\/sophie-admin#author"},"creator":{"@id":"https:\/\/www.adminbyrequest.com\/en\/author\/sophie-admin#author"},"image":{"@type":"ImageObject","url":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2022\/10\/Prism2.png","@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked\/#mainImage","width":2000,"height":1118,"caption":"Orange and black digital artwork of many prisms making a 3d like pathway."},"primaryImageOfPage":{"@id":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked#mainImage"},"datePublished":"2021-12-17T03:48:00+00:00","dateModified":"2026-01-25T07:56:13+00:00"},{"@type":"WebSite","@id":"https:\/\/www.adminbyrequest.com\/en\/#website","url":"https:\/\/www.adminbyrequest.com\/en\/","name":"Admin By Request","alternateName":"ABR","description":"Local Admin Rights, Managed.","inLanguage":"en-US","publisher":{"@id":"https:\/\/www.adminbyrequest.com\/en\/#organization"}}]},"og:locale":"en_US","og:site_name":"Admin By Request \u00bb Local Admin Rights, Managed.","og:type":"article","og:title":"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request","og:description":"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.","og:url":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked","og:image":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg","og:image:secure_url":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg","article:published_time":"2021-12-17T03:48:00+00:00","article:modified_time":"2026-01-25T07:56:13+00:00","article:publisher":"https:\/\/www.facebook.com\/adminbyrequest","twitter:card":"summary_large_image","twitter:site":"@AdminByRequest","twitter:title":"Time Flies When You\u2019re Getting Hacked \u00bb Admin By Request","twitter:description":"In 2021 it took organizations an average of 212 days to discover a data breach - that\u2019s a long time compared to the 24-48 hours it takes a hacker to compromise domain admin once they\u2019ve gained initial access to your system. Here\u2019s how to disrupt the attack timeline so they can\u2019t escalate up the ranks of privilege undetected.","twitter:creator":"@AdminByRequest","twitter:image":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2023\/05\/Circle-Tick-24.svg"},"aioseo_meta_data":{"post_id":"3679","title":"#post_title #separator_sa #site_title","description":"#post_excerpt","keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"seo_analyzer_scan_date":"2026-01-25 08:00:20","breadcrumb_settings":null,"limit_modified_date":false,"reviewed_by":null,"open_ai":null,"ai":null,"created":"2023-05-22 21:59:15","updated":"2026-01-25 08:00:20"},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.adminbyrequest.com\/en\" title=\"Home\">Home<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.adminbyrequest.com\/en\/category\/blogs\" title=\"Blogs\">Blogs<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u00bb<\/span><span class=\"aioseo-breadcrumb\">\n\tTime Flies When You\u2019re Getting Hacked\n<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/www.adminbyrequest.com\/en"},{"label":"Blogs","link":"https:\/\/www.adminbyrequest.com\/en\/category\/blogs"},{"label":"Time Flies When You&#8217;re Getting Hacked","link":"https:\/\/www.adminbyrequest.com\/en\/blogs\/time-flies-when-youre-getting-hacked"}],"authors":[{"term_id":10,"user_id":0,"is_guest":1,"slug":"steve-dodson","display_name":"Steve Dodson","avatar_url":{"url":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2022\/09\/SteveHeadshotSquareABR.png","url2x":"https:\/\/www.adminbyrequest.com\/en\/wp-content\/uploads\/2022\/09\/SteveHeadshotSquareABR.png"},"author_category":"","user_url":"","last_name":"Dodson","first_name":"Steve","job_title":"","description":"Steve provides research, analysis, insight and commentary on topical issues and events. He lives in New Zealand and has been working at FastTrack Software for 12 years as a cyber security analyst and technical writer."}],"_links":{"self":[{"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/posts\/3679","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/comments?post=3679"}],"version-history":[{"count":2,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/posts\/3679\/revisions"}],"predecessor-version":[{"id":11209,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/posts\/3679\/revisions\/11209"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/media\/3680"}],"wp:attachment":[{"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/media?parent=3679"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/categories?post=3679"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/tags?post=3679"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.adminbyrequest.com\/en\/wp-json\/wp\/v2\/ppma_author?post=3679"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}