CrowdStrike says attackers are moving through networks in under 30 minutes | CyberScoop<\/title> <meta name=\"description\" content=\"The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/crowdstrike-annual-global-threat-report-attack-breakout-time\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CrowdStrike says attackers are moving through networks in under 30 minutes\"> <meta property=\"og:description\" content=\"The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/crowdstrike-annual-global-threat-report-attack-breakout-time\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2026-02-24T08:01:00+00:00\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1770142553g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1771335878g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1767808656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/87874\"><meta name=\"generator\" content=\"WordPress 6.8.3\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=87874\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcrowdstrike-annual-global-threat-report-attack-breakout-time%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcrowdstrike-annual-global-threat-report-attack-breakout-time%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-87874 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/crowdstrike-annual-global-threat-report-attack-breakout-time\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.753846153846\">\n<div class=\"single-article__header-content\" readability=\"35.292307692308\">\n<p> The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/87874\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"360\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes.jpg?resize=640%2C360&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt=\"Abstract digital data and code matrix.\" decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg 2309w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=300,168 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=768,432 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=1024,576 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=1536,864 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=2048,1152 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=600,337 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=1200,675 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-2.jpg?resize=1498,843 1498w\" sizes=\"(max-width: 1200px) 100vw, 1200px\"> <\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"43.99672019905\"><body readability=\"92.339558127301\"><\/p>\n<p>Cyberattacks reached victims faster and came from a wider range of threat groups than ever last year, CrowdStrike said in its <a href=\"https:\/\/www.crowdstrike.com\/en-us\/global-threat-report\/\">annual global threat report<\/a> released Tuesday, adding that cybercriminals and nation-states increasingly relied on predictable tactics to evade detection by exploiting trusted systems.<\/p>\n<p>The average breakout time \u2014 how long it took financially-motivated attackers to move from initial intrusion to other network systems \u2014 dropped to 29 minutes in 2025, a 65% increase in speed from the year prior. \u201cThe fastest breakout time a year ago was 51 seconds. This year it\u2019s 27 seconds,\u201d Adam Meyers, head of counter adversary operations at CrowdStrike, told CyberScoop.<\/p>\n<p>Defenders are falling behind because attackers are refining their techniques, using social engineering to access high-privilege systems faster and move through victims\u2019 cloud infrastructure undetected.<\/p>\n<p>\u201cThreat actors are exploiting those cross-domain gaps to gain access to environments, so they\u2019re wriggling in between the seams in cloud, identity, enterprise and unmanaged network devices,\u201d Meyers said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Starting from an already disadvantaged position \u2014 made worse by faster attacks and living-off-the-land techniques \u2014 defenders face burnout, stress and other factors that can lead to mistakes, he added. <\/p>\n<p>The myriad sources of these problems are spreading, too. <\/p>\n<p>CrowdStrike tracked 281 threat groups at the end of 2025, including 24 new threats it named throughout the year. Researchers at the cybersecurity firm are also tracking 150 active malicious activity clusters and emerging threat groups.<\/p>\n<p>Cybercriminals seeking a payout and nation states committing espionage or implanting footholds into critical infrastructure for prolonged access are increasingly seizing on security weaknesses in cloud-based environments to break into victim networks. <\/p>\n<p>These cloud-focused attacks have seen a reported 37% year-over-year increase, with a 266% surge in this activity from nation-state threat groups.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The vast majority of attacks detected last year, 82%, were free of malware \u2014 highlighting attackers\u2019 enduring shift toward hands-on-keyboard operations and the abuse of legitimate tools and credentials, CrowdStrike said in the report. More than 1 in 3 incident response cases involving cloud intrusions last year were linked back to a valid or abused credential that granted attackers access, according to CrowdStrike. <\/p>\n<p>Attacks originating from or sponsored by North Korea increased 130% last year, while incidents linked to China jumped 38% during the same period.<\/p>\n<p>Chinese threat groups achieved immediate system access with two-thirds of the vulnerabilities they exploited last year, and 40% of those exploits targeted edge devices.<\/p>\n<p>Zero-day exploits \u2014 especially defects in edge devices such as firewalls, routers and virtual private networks \u2014 allowed nation-state and cybercrime threat groups to break into systems, execute code and escalate privileges undetected.<\/p>\n<p>CrowdStrike said it observed a 42% year-over-year increase in the number of zero-day vulnerabilities exploited prior to public disclosure last year. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Meyers said he expects that number to grow further, predicting an explosion of activity from attackers using artificial intelligence to find and exploit zero-day vulnerabilities in various products during the next three to nine months.<\/p>\n<p>CrowdStrike\u2019s annual global threat report is full of figures moving in the wrong direction, yet the most worrying finding for Meyers comes down to attacker speed.<\/p>\n<p>\u201cThe speed at which we\u2019re seeing these breakout times accelerate is one of the markers,\u201d he said, adding that it\u2019s only a matter of time before the fastest attacks drop down to seconds, if not milliseconds.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"2.9635922330097\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2026\/02\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/crowdstrike-annual-global-threat-report-attack-breakout-time\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CrowdStrike says attackers are moving through networks in under 30<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6043,271,1891,2350,282,78,2182,281,3707,4838,647,46,256,2533,1999,288,1544,5292,1170],"tags":[6044,277,1893,2354,286,86,2185,285,3708,4841,240,54,262,2536,2002,294,1545,5296,1171],"class_list":["post-8376","post","type-post","status-publish","format-standard","hentry","category-breakout-time","category-china","category-cloud-computing","category-crowdstrike","category-cybercrime","category-cybersecurity","category-edge-devices","category-hacking","category-nation-state-threats","category-network-edge-devices","category-north-korea","category-ransomware","category-research","category-social-engineering","category-stolen-credentials","category-threats","category-zero-day","category-zero-day-exploit","category-zero-days","tag-breakout-time","tag-china","tag-cloud-computing","tag-crowdstrike","tag-cybercrime","tag-cybersecurity","tag-edge-devices","tag-hacking","tag-nation-state-threats","tag-network-edge-devices","tag-north-korea","tag-ransomware","tag-research","tag-social-engineering","tag-stolen-credentials","tag-threats","tag-zero-day","tag-zero-day-exploit","tag-zero-days"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/breakout-time\/\" rel=\"category tag\">Breakout time<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cloud-computing\/\" rel=\"category tag\">cloud computing<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/crowdstrike\/\" rel=\"category tag\">CrowdStrike<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/edge-devices\/\" rel=\"category tag\">edge devices<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/hacking\/\" rel=\"category tag\">hacking<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nation-state-threats\/\" rel=\"category tag\">nation state threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/network-edge-devices\/\" rel=\"category tag\">network edge devices<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/north-korea\/\" rel=\"category tag\">North Korea<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/social-engineering\/\" rel=\"category tag\">Social engineering<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/stolen-credentials\/\" rel=\"category tag\">stolen credentials<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-day\/\" rel=\"category tag\">Zero-day<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-day-exploit\/\" rel=\"category tag\">zero-day exploit<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/zero-days\/\" rel=\"category tag\">zero-days<\/a>","tag_info":"zero-days","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=8376"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/8376\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=8376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=8376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=8376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":8376,"date":"2026-02-24T02:01:00","date_gmt":"2026-02-24T08:01:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=87874"},"modified":"2026-02-24T02:01:00","modified_gmt":"2026-02-24T08:01:00","slug":"crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2026\/02\/24\/crowdstrike-says-attackers-are-moving-through-networks-in-under-30-minutes\/","title":{"rendered":"CrowdStrike says attackers are moving through networks in under 30 minutes"},"content":{"rendered":"