IT disaster recovery, cloud computing and information security news

Penetration testing study shows that 93 percent of company networks can be infiltrated

Positive Technologies has issued a new research report analyzing results of the company’s penetration testing projects caried out in the second half of 2020 and first half of 2021. In 93 percent of cases, an external attacker can breach the organization’s network perimeter and gain access to local network resources.

An attacker's path from external networks to target systems begins with breaching the network perimeter. According to this research, on average, it takes two days to penetrate a company's internal network. Credential compromise is the main way criminals can penetrate a corporate network (71 percent of companies), primarily because of simple passwords used, including for accounts used for system administration.

An attacker who has the credentials with domain administrator privileges can obtain many other credentials for lateral movement across the corporate network and access to key computers and servers.

Administration, virtualization, protection, or monitoring tools often help an intruder gain access to isolated network segments. According to the study, most organizations have no segmentation of the network by business processes, and this allows attackers to develop several attack vectors simultaneously, and trigger several of a company’s unacceptable events.

Obtain the report.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.