18.1 C
New Delhi
Friday, November 22, 2024
HomeTechCommon vulnerabilities, a favourite with hackers: Kaspersky

Common vulnerabilities, a favourite with hackers: Kaspersky


Hackers don’t sweat much as they launch cyber attacks. They love cherry-picking and low-lying fruit to strike it rich quickly. A recent survey of the cyberattacks that happened last year indicates that exploitation of Internet-facing applications is the number one initial attack vector.


Hackers look for an Achilles heel to break into a network or a device. They look for weak links such as public servers with well-known vulnerabilities, poor passwords or compromised accounts.

Also read: Global cyber security spending to touch $460 billion by 2025: Kaspersky

As many as 53.6 per cent of cyberattacks reported in 2021 were caused by exploitation of vulnerabilities, according to the Incident Response Analytics Report prepared by cybersecurity solutions company Kaspersky.

The share of this method as an initial attack vector increased from 31.5 per cent in 2020 to 53.6 per cent in 2021, while the use of compromised accounts and malicious emails has decreased from 31.6 per cent to 17.9 per cent, and 23.7 per cent to 14.3 per cent respectively.

Another alarming aspect is that in over half of cases (62.5 per cent), attackers spend more than a month inside the network before encrypting data.

The report gives a peek into the nature of the attacks launched by hackers last year.

“Year after year these initial access vectors have led to an increasing number of high-severity cybersecurity incidents,” it points out.

The report analyses anonymised data from incident response cases handled by the Kaspersky Global Emergency Response Team (GERT) from all over the world.

“It proves that exploitation of public-facing applications, accessible from both the internal network and the Internet, has become the most widely used initial vector to penetrate an organisation’s perimeter,” it said.

Impact of attacks

File encryption, which is one of the most common ransomware types, has remained the main problem facing companies for three years in a row. Ransomware attacks deprive organisations of access to their data.

“Adversaries manage to stay unnoticed inside an infrastructure, largely because of Operating System tools, well-known offensive tools and the use of commercial frameworks, which are involved in 40 per cent of all incidents,” the report pointed out.

After the initial penetration, attackers use legitimate tools for different purposes: PowerShell to collect data, Mimikatz to escalate privileges, PsExec to execute commands remotely or frameworks like Cobalt Strike for all stages of attack.

“Our report demonstrates that an appropriate patch management policy alone can reduce the likelihood of a successful attack,” Konstantin Sapronov, Head of Global Emergency Response Team, said.

How to thwart attacks

In order to minimise losses, Kaspersky asks organisations to back up their data so that they can access crucial files in case of a ransomware attack.

“You must continuously train your incident response team to stay up to speed with the changing threat landscape. You must implement strict security programmes for applications with Personally Identifiable Information,” it said.

Published on

September 07, 2022



Source link

- Advertisment -

YOU MAY ALSO LIKE..

Our Archieves