It takes a mere couple of days to breach the network perimeter, and in 100% of the cases, researchers could gain complete control over the infrastructure.
A yearlong analysis spanning from the second half of 2020 to the first half of 2021 shows that dedicated attackers can always breach company networks.
No one is spared, as the tests were successful with banks, energy, IT companies, and government agencies, a recent report by Positive Technologies shows.
In 93% of cases, an external attacker can breach the organization's network perimeter and gain access to local network resources, and on average, it takes only two days to penetrate the company's internal network.
In every single case, researchers were able to take over the infrastructure.
According to Ekaterina Kilyusheva, Head of Research and Analytics, Positive Technologies, researchers specifically tried to simulate 'unacceptable events,' attacks that would either disrupt the technological processes or lead to theft of funds.
In 71% of cases, researchers were successful in simulating such attacks.
"Our researchers also found that a criminal would need no more than a month to conduct an attack which would lead to the triggering of an unacceptable event. And attacks on some systems can be developed in a matter of days," Kilyusheva claims.
The researchers carried out simulated attacks with consent from targeted companies. Interestingly, financial institutions, which are often deemed most resilient to attacks, all had their networks penetrated.
Researchers claim that banking business processes and quality of services would have been impacted if the attacks were real. For example, researchers were even successful in accessing ATM management systems.
A real-life attack of this kind would allow perpetrators to steal funds from the bank.
The report's authors claim that credential compromise is the key weapon in an attacker's arsenal for penetrating corporate networks, with 71% of companies breached because of inadequate passwords for user and administrative accounts.
The study shows that most organizations have no segmentation of the network by business processes, allowing threat actors to develop several attack vectors simultaneously.
"To make it more difficult for an attacker to advance inside the corporate network toward the target systems, there are a number of interchangeable and complementary measures organizations can take, including separation of business processes, configuration of security control, enhanced monitoring, and lengthening of the attack chain," Kilyusheva explained.
Exploiting known software vulnerabilities (60%) was the second most successful tool for compromising networks, followed by configuration flaws (54%) and exploiting vulnerabilities in web application code (43%).