Hackers can penetrate corporate systems very fast. Businesses need to be alert to avoid being caught off-guard now that hackers are conducting most attacks with minimal experience. They are succeeding because loopholes exist everywhere.
A recent report from Positive Technologies revealed that hackers could infiltrate an organization’s local network in just 30 minutes. The research was conducted to test the systems of businesses in a variety of industries.
The findings unpacked that Positive Technologies managed to penetrate 93% of all the systems tested. Besides, some networks could be breached with up to 13 different methods.
Low-level attackers are a threat too
According to the report, the complexity of the method used to deploy the breach was low, implying that an inexperienced attacker could also be a threat to the systems’ security.
Similarly, web applications that were poorly designed served as an easy penetration vector in most cases, simply because they could not resist brute force attacks. There was at least one easy penetration vector, such as the one mentioned above, in 71% of the test companies.
Traces of earlier attacks were also found in one out of every six established companies. Malicious links, valid credentials, and web shells were some of the trails found by the researchers.
Testing and new safeguards are the way to go
The Head of Research and Analytics at Positive Technologies, Ekaterina Kilyusheva, said, “Web applications are the most vulnerable component on the network perimeter. To ensure protection, businesses need to perform security assessments of web applications regularly.”
Ekaterina also suggested that companies perform a thorough test on their systems using a method that gives access to the source code.
In this case, the method would be source code analysis (white box), which will enable businesses to cover for any issues that ‘black box’ analysis may have left out during the penetration testing.