Network hackers find the right vulnerability in less than 10 hours

A recent survey showed that a modern attacker finds a vulnerability that helps bypass network perimeter protection in less than ten hours. After an exploit, getting out of the compromised system takes less than five hours in half of the cases.

The survey, which allows to estimate the time for which organizations can detect and stop a hacker attack, was conducted by the American Institute for Research and Improvement of Information Security Specialists (SANS) and information security provider Bishop Fox. More than 300 ethical hackers from different countries took part in the survey.

Almost two-thirds of the respondents have experience in the profile (network security, pentest, application security, etc.) from one to six years, about 30% – from seven to 20 years. The best results in gaining access to the target network were shown by cloud security checkers.

Most often, hackers use vulnerable settings, software developer errors, and poorly protected web services for this purpose. Nearly two-thirds of those surveyed said that after penetrating the internal network, they can collect data and display it in five hours, and 41% in two hours or less.

Network hackers find the right vulnerability in less than 10 hours

“Five or six hours of hacking is no surprise to me, I’m an ethical hacker myself,” Tom Eston, Bishop Fox’s associate vice president of consulting, told Dark Reading. “The results are in line with what we see in real-life hacks using social engineering, phishing and other vectors.”

Nearly three-quarters of survey participants believe that many organizations lack the detection and response capabilities to stop an attack and thereby limit the damage.

Network hackers find the right vulnerability in less than 10 hours

The most cost-effective vectors of hacker attacks, according to respondents, are social engineering and phishing (49% of responses). A quarter of respondents for the same reasons preferred attacks on web applications, cracking passwords and ransomware.

The full survey report can be downloaded from the Bishop Fox website (in exchange for your data). The event threw new data into the treasury of information security experts who set a goal to help businesses repel hacker attacks with minimal losses.

For example, the CrowdStrike team recently found that it takes the average hacker less than an hour and a half to leave the entry point and attack other systems on the corporate network. The results obtained by Positive Technologies a year ago are more modest – an average of two days, with a previously set lower limit of half an hour. And ransomware is usually launched into the network three days after being hacked.

Catch up on more articles here

Follow us on Twitter here


Must read


Related Posts