Attackers can get into a network in 30 minutes

1 Comment

clock timer

Penetration of a local network takes between 30 minutes to 10 days and in most cases, attack complexity is low, meaning that an attack is within the capabilities of a hacker with basic skills.

Moreover there is at least one easy penetration vector in 71 percent of companies according to the research from Positive Technologies which analyzed the security of corporate information systems and prepared an overview of the most common security flaws and attack methods.

At 93 percent of companies, pentesters succeeded in breaching the network perimeter and accessing the local network. And at 68 percent of companies, successful attacks on web applications involved brute forcing attacks to crack credentials.

In 77 percent of cases penetration vectors were related to insufficient protection of web applications. Testers discovered at least one such vector at 86 percent of companies.

"Web applications are the most vulnerable component on the network perimeter," says Ekaterina Kilyusheva, head of research and analytics at Positive Technologies. "In 77 percent of cases, penetration vectors involved insufficient protection of web applications. To ensure protection, businesses need to perform security assessments of web applications regularly. Penetration testing is performed as a 'black box' analysis without access to source code, which means businesses can leave blind spots to some issues which might not be detected using this method. Therefore, companies should use a more thorough testing method as source code analysis (white box). For proactive security, we recommend using a web application firewall to prevent exploitation of vulnerabilities, even ones that have not been detected yet."

In order to protect themselves, Positive Technologies recommends that companies install OS security updates and the latest versions of the software in a timely manner and ensure that software containing known vulnerabilities do not appear on the network perimeter.

The full Penetration Testing of Corporate Information Systems report is available from the Positive Technologies site.

Photo Credit: pathdoc/Shutterstock

1 Comment

One Response to Attackers can get into a network in 30 minutes

Got News? Contact Us

Recent Headlines

Ubuntu Linux-based Voyager 24.04 LTS unites GNOME and Xfce

Kioxia unveils TransMemory U304 USB flash drive

Microsoft and Estée Lauder transform the beauty industry with AI

Microsoft and IBM open source MS-DOS 4.00

Software file converters: How they work and why you need them

Human risk management automation can help beat burnout

Vivaldi 6.7 debuts Memory Saver performance booster, expands Feed Reader capabilities

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

22 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.