Robust password policies cut cyber attacks by 60%
Research shows that hackers most often use brute force password attacks and flaw exploitation
Deploying an appropriate patch management policy decreases the risk of hacking by 30%, while a robust password policy reduces the likelihood of being attacked by 60%, according to a new report.
The Incident Response Analyst Report 2021, published by IT security firm Kaspersky, found brute force is the most widely used initial vector to penetrate a company’s network. Compared to the previous year, the share of brute force attacks has skyrocketed from 13% to 31.6%. The report’s authors said this was perhaps due to the pandemic and the boom of remote working.
The analysis of anonymized data from incident response (IR) cases found that the second most commonly seen attack vector is vulnerability exploitation, with a 31.5% share. The research showed that vulnerabilities from 2020 were used in only a few incidents. In other cases, adversaries used older, unpatched vulnerabilities, such as CVE-2019-11510, CVE-2018-8453, and CVE-2017-0144.
Over half of attacks that started with malicious emails, brute force, and external application exploitation were detected in hours (18%) or days (55%). The report added that some of these attacks lasted much longer, with an average duration of up to 90.4 days.
Analysis of the data from incident responses found that in 44% of all incidents, hackers used existing, well-known offensive tools from GitHub, such as Mimikatz, AdFind, and Masscan. They also used specialized commercial frameworks, such as Cobalt Strike.
Konstantin Sapronov, head of Kaspersky’s global emergency response team, said that even if the IT security department does its best to ensure the safety of the company’s infrastructure, legacy OS usage, low-end equipment, compatibility issues, and human factors often result in security breaches that can jeopardize an organization’s security.
“Protective measures alone can’t provide a holistic cyber defense. Therefore, they should always be combined with detection and response tools that are able to recognize and eliminate an attack at an early stage, as well as address the cause of the incident,” Sapronov said.
The report urged organizations to deploy a robust password policy, including multi-factor authentication (MFA) and identity and access management tools, and ensure software is patched regularly to fix vulnerabilities.