The vast majority of networks are vulnerable to cyber attacks

Pentesting tests and attack techniques

Penetration tests, also known as penetration testing or pentesting, are carried out with dedicated tools to check the security of a company's network. The vast majority of companies, as we will see below, can be compromised within a month by a motivated attacker. To do this, the cybercriminal will use common techniques such as:

  • Compromise credentials.
  • Exploit known vulnerabilities in software and web applications.
  • Take advantage of misconfigurations.

Attacks on companies increase

The Positive Technologies study examined data from security assessments conducted from early July 2020 to late June 2021. Its pentesters assessed dozens of companies and used 45 projects as the basis for the report. As we will see below, the study found that most networks are vulnerable to cyber attacks.

Positive Technologies describes these cyberattacks as a series of key system compromises that then end in malicious manipulation. This, in turn, has negative effects on the business that can include interruption of production or services, compromise of executives’ identities, and theft of money or confidential data.

The report revealed that in 93% of cases an external attacker could breach a company's network. More worrying still, in 71% of cases this cybercriminal could affect companies very negatively, even interrupting business processes and reducing the quality of their services.

Any business can be the victim of either a targeted or a mass attack. It is also noted that the number of cyber attacks is increasing year after year and that the consequences are becoming more serious. One example of this damage is the ransomware attacks suffered by companies.

Networks more vulnerable than ever

As for how the attacks were carried out, the assessors found that compromised credentials were the most reliable way to enter a corporate network. The use of credentials was successful in 71% of the attempts because most workers use weak passwords. This tells us that networks are vulnerable and that there is a lot of work to do in this regard.

With a 60% success rate, exploiting unpatched software with known vulnerabilities also allowed the attacker to infiltrate the target company's network. Misconfiguration of devices and software, at 54%, left these companies more exposed as well. In addition, in 81% of cases, obtaining access to a domain administrator account required only a low level of knowledge on the attacker's part.

The report also notes that a cybercriminal with domain administrator credentials and privileges could obtain many other credentials to move laterally in the corporate network and gain access to computers and servers. These attacks are made easier because most companies do not have network segmentation.

The evaluations found that most companies had significant security gaps. In this regard, seven out of eight companies in the industrial and energy sectors were vulnerable to an attack that left the organization highly exposed. Poor security practices also came to light: nine out of ten engineers had plain-text documents that described part of the network and contained unencrypted credentials.

Finally, companies must first identify their most critical assets and then determine what events and risks could be deemed unacceptable. Then they must concentrate efforts on protecting these systems.
