#credential-abuse

#credential-abuse

The average e-crime breakout time - the period between initial access and lateral movement onto another system - dropped to 29 minutes, a 65% increase in speed from 2024. One such intrusion undertaken by Luna Moth targeting a law firm moved from initial access to data exfiltration in four minutes.

Looking ahead to 2026, I don't expect a single "big bang" cyber event so much as a steady escalation in quiet, hard-to-spot campaigns. Instead of smashing through the front door, more attackers will simply walk in using valid credentials, abusing identity systems, single sign-on and trusted AI agents to blend into normal activity. These operations will be longer-running, more tightly linked to geopolitical and ideological tensions, and increasingly aimed at disrupting real-world services, not just stealing data.