Cybercriminals are moving through compromised systems faster than many organisations can react, according to thelatest findings from CrowdStrike. The company's latest threat analysis warns that the pace of cyber intrusions is accelerating sharply, with one attack observed spreading across a network in just 27 seconds.

The alarming figure appears in the company's2026 Global Threat Report, which analyses global cyber threat activity and attacker behaviour. The report suggests that artificial intelligence and increasingly sophisticated tactics are helping threat actors move more quickly than ever inside targeted organisations.

Security analysts use the term 'breakout time' to describe the period between the moment an attacker first gains access to a system and when they move laterally to other machines within the network.

The report indicates that the average breakout time it takes financially motivated cybercriminals to break in has reduced to 29 minutes in 2025, which is a remarkable decrease compared to the past years.

Still more impressive was the fastest incident recorded: only 27 seconds. Practically, that implies that a skilled attacker might be able to move from one compromised endpoint to additional systems almost in real-time if defences are not automated and immediate.

Security experts say the shrinking window makes early detection critical. Once attackers begin moving laterally, they can escalate privileges, locate sensitive data, or deploy ransomware before many security teams even realise an intrusion has begun.

Another significant theme of the report is the increasing use of artificial intelligence in cyber operations. Researchers discovered that attackers are increasingly leveraging AI to automate reconnaissance, generate malicious scripts, and refinephishing or credential-theft efforts. Overall, operations by AI-enabled adversaries rose by 89% compared with the previous year.

The report also highlights a new risk: AI systems themselves becoming targets. Threat actors have been observed injecting malicious prompts into generative AI tools in attempts to produce commands that steal credentials or digital assets. In some cases, vulnerabilities in AI development platforms were exploited to maintain persistence inside compromised environments.

Security researchers warn that as businesses adopt AI widely, the technology expands the overall attack surface available to criminals and nation-state hackers.

Another issue of concern identified in the analysis is that attackers are increasingly exploiting legitimate services and trusted systems, not just malware. Most of the intrusions now move through cloud platforms, SaaS solutions, and compromised identities, making malicious traffic more difficult to identify.

Source: International Business Times UK