External attackers can breach an organization’s network perimeter and gain access to local network resources in 93% of cases, and penetrating a company’s internal network takes an average of two days. An insider can gain complete control of the infrastructure in 100% of the firms studied.
These are the findings of a new report published by Positive Technologies, which examines the outcomes of penetration testing projects conducted by the firm in the second half of 2020 and the first half of 2021. The research covered financial businesses (29%), fuel and energy organizations (18%), government (16%), industrial companies (16%), IT corporations (13%), and other industries.
Positive Technologies specialists succeeded in penetrating the network perimeter in 93% of cases when assessing security against external threats. According to the company’s researchers, this percentage has stayed high for many years, indicating that crooks can hack practically any corporate infrastructure.
Financial institutions are among the most secure organizations. Even so, in each of the banks tested, as part of the verification of unacceptable events, specialists were able to perform actions that could allow criminals to disrupt the bank’s business processes and affect the quality of the services provided. For example, they gained access to an ATM management system, which would allow attackers to steal money.
Breaching the network perimeter is the first step in an attacker’s journey from external networks to target systems. According to the study, it takes two days on average to access a company’s internal network. Credential compromise is the most common way for thieves to access a business network (71% of organizations), owing to the use of simple passwords, even for system management accounts.
An attacker with domain administrator privileges can obtain a variety of additional credentials for lateral movement across the company network and gain access to essential devices and servers. Intruders frequently use administration, virtualization, protection, or monitoring tools to reach isolated network segments.
According to the analysis, most firms’ networks are not segmented by business process, which allows attackers to develop many attack paths concurrently and trigger many of a company’s unwanted events.