Pen Testers Breach Perimeter Through Web Apps

Security
Pen Testers Breach Perimeter Through Web Apps

Penetration tests help organizations gain a better understanding of how protected they are against cyber-attacks, and when Kaspersky Lab’s performed several dozen cybersecurity assessment tests on corporate networks, it found that the overall level of protection against external attackers was low or extremely low for almost half of the analyzed companies.

The report, Security Assessment of Corporate Information Systems in 2017, found that three-quarters (73%) of successful perimeter breaches in 2017 were achieved using vulnerable web applications.

Using weak or default credentials to attack publicly available management interfaces was also a common vector threat actors employed to penetrate the network perimeter. Experts gained administrative access to IT infrastructure in 29% of the external penetration tests performed, but the success rate soared to 86% of the analyzed companies when testing against internal attackers. In 42% of those cases, it took penetration testers only two steps to gain the highest privileges granting them access to important business systems.

 

“An extremely low level of protection corresponds to those cases where we were able to penetrate the network perimeter and gain access to the critical resources of the internal network,” the report stated.

While the level of protection against internal threats – a threat actor inside the corporate network – was low or extremely low for 93% of the analyzed companies, the analysis showed that organizations are better protected against external threats. The overall level of protection against external threats – an outside intruder from the internet – was low or extremely low for 43% of organizations.

“Qualitative implementation of the simple security measures like network filtering and password policy would significantly increase the security stance,” said Sergey Okhotin, senior security analyst of security services analysis at Kaspersky Lab in a press release. “For example, half of the attack vectors could have been prevented by restricting access to management interfaces.”

Articles You May Like

Are You Still on the Fence About a Family VPN?
Daily Crunch: Chinese regulators issue blanket ban on crypto trading, mining
SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices
LG is acquiring automotive cybersecurity startup Cybellum in a $240M deal
Spurned researcher posts trio of iOS zero days

Leave a Reply

Your email address will not be published. Required fields are marked *