Research Reveals Only 4% of Organizations Protected Their Internal Networks Against Cyberattacks

The fastest time to penetrate the local network was one day.

Reading Time: 2 min  


  • [Image source: Krishna Prasad/MITSMR Middle East]

    New risks emerge daily as cybersecurity and data breaches continue to rise and impact organizations of all sizes and sectors. Cybercrime is becoming big business, and cyber risk is a focus of organizations and governments. 

    However, according to research by Positive Technologies, only 4% of organizations are protected against attackers breaching their internal networks. Attackers could have seized complete control of the IT infrastructure in every company where an internal penetration test was conducted. The fastest time to penetrate the local network was one day.

    PT SWARM conducted penetration tests on companies in various sectors, such as IT, finance, industry, services, and telecommunications. Penetration testing aims to determine whether an external or internal attacker can successfully attack an organization and trigger an event deemed non-tolerable for the business.

    The tests revealed that in 63% of organizations, a low-skilled attacker could have penetrated the local network from the outside. A low-skilled internal attacker could have gained full control over the IT infrastructure in a similar proportion of organizations.

    In 96% of projects, the organizations were found to be unprotected from attackers attempting to penetrate their internal network. Only one company withstood the pentest, with researchers managing to access only the so-called demilitarised zone (a buffer area between the internet and the internal network) thanks to prior pen-testing and top-notch vulnerability remediation.

    The fastest penetration of the organization’s LAN occurred on the first day of testing. On average, it took specialists 10 days to gain access.

    Bad actors could have gained full control over the infrastructure in companies where an internal test was conducted. In one project, the specialists gained maximum privileges in the Active Directory domain after 6.5 hours, while in other projects, the figure varied from one to seven days.

    In almost every company, the specialists obtained employee credentials and gained unauthorized access to important confidential information, including intellectual property and internal communications.

    “In every organization where PT SWARM conducted internal penetration tests, maximum privileges in the domain were gained. In 90% of cases, the possibility of triggering non-tolerable events was verified; the specialists did not always require full control over the IT infrastructure. For example, even in a company where PT SWARM couldn’t access the LAN, the specialists proved that unauthorized access to a database with personal data of over 460,000 users was possible,” said Positive Technologies Research Analyst Grigory Prokhorov.

    To achieve cyber resilience, a company needs to conduct penetration tests and keep its IT infrastructure always ready to fend off cyberattacks. That’s why experts recommend that organizations continually assess and monitor the security of their critical assets by identifying and making attacker pathways more difficult.


    More Like This

    You must to post a comment.

    First time here? : Comment on articles and get access to many more articles.