A study by Positive Technologies showed that the IT systems of almost all large Russian companies are vulnerable to hacker attacks. In 96% of cases, an attacker could penetrate the network perimeter and penetrate the internal network.
Pentests were carried out on several dozen Russian companies from various sectors of the economy, including financial, industrial, public sector, trade, transport and others, Vedomosti reports.
More than half (57%) of the companies in which the study was conducted are in the ranking of the largest companies in Russia in terms of sales of RAEX-600 products.
What the study showed:
- 96% of companies are not protected against the penetration of an external intruder;
- in 90% of cases, an attacker could gain access to sensitive information, including trade secrets;
- It has been proven that 100% of organizations can get domain administrator privileges. In other words, an attacker will be able to perform any action on the company’s infrastructure, including establishing a connection to all servers and computers;
- in 85% of high-level and critical vulnerabilities identified due to weak passwords;
- 60% of companies found critical and high severity vulnerabilities – they are associated with the use of outdated software versions;
- 35% of the vulnerabilities were related to configuration, 15% to web application code.
On average, it took pentesters five days and four hours to gain access to the organizations internal network, with the fastest attack completed in one hour.
Author:
anastasia mariana
Source: RB
I am Bret Jackson, a professional journalist and author for Gadget Onus, where I specialize in writing about the gaming industry. With over 6 years of experience in my field, I have built up an extensive portfolio that ranges from reviews to interviews with top figures within the industry. My work has been featured on various news sites, providing readers with insightful analysis regarding the current state of gaming culture.
