New research from Positive Technologies has shed light on how easy it is for hackers to breach organizations’ local networks by exploiting known software vulnerabilities.
To compile your new corporate information systems penetration test report, the firm’s experts conducted “external pentests” on organizations in the finance, IT, fuel and energy, government, hospitality, entertainment and telecommunications industries.
Achieved 93% of organizations tested
In your tests, Positive Technologies was able to access the local network to 93 percent of the organizations tested, being the maximum number of penetration vectors detected in a single company. In addition, in one in six companies tested, it found traces of previous attacks such as web traces at the perimeter of the network, malicious links on official sites or valid credentials in public data dumps, indicating that the infrastructure may have already been infiltrated. by hackers.
The firm’s experts also found that penetration of a local network it usually takes between 30 minutes and 10 days. However, in most cases, the complexity of the attack was low, which means the attack was well within the capabilities of even a hacker with basic skills.
Research Positive Technologies also found that brute force attacks were an effective way to crack credentials when launching attacks on web applications in 68 percent of companies in which his team performed “external pentests”.
If an attacker can successfully force the password for at least one domain account, he can detect identifiers for other users by downloading the offline address book that contains all the email addresses of a company’s employees. In fact, in one of the proven organizations, the firm’s pentesters obtained more than 9,000 email addresses using this method.
Positive Technologies Research and Analysis Director Ekaterina Kilyusheva provided more information on how organizations can conduct their own penetration testing in a press release, saying:
“Web applications are the most vulnerable component at the network edge. In 77 percent of cases, the penetration vectors implied insufficient protection of the web applications. To ensure protection, companies should conduct web application security assessments regularly. Penetration testing is performed as a “black box” analysis without access to the source code, which means that companies can leave blind spots to some problems that might not be detected with this method. Therefore, companies should use a more extensive testing method such as source code analysis (white box). For proactive security, it is recommended to use a web application firewall to avoid exploiting vulnerabilities, even those that have yet to be detected. “