Rapid7 conducted hundreds of simulated cyberattacks, and recently published the results in a study that showed at least one vulnerability was exploited in 84% of engagements. The study, titled “Under the Hoodie,” reflects 268 tests conducted across a number of industries.
Justin Jett, Director of Audit and Compliance at Plixer:
“With the latest results from Rapid7’s Under the Hoodie 2018 penetration tests, it is clear that network vulnerabilities are still a major security issue for organizations. It is especially concerning that when a hacker has access to the local network, they are able to capture at least one credential 86 percent of the time and that 67 percent of the time, hackers were able to gain administrative control of the entire network. IT professionals should use network traffic analytics to help them discover credential abuse and see when hackers are trying to gain control of the network. Specifically, by baselining the network usage behavior of the users, network and security professionals can spot when a user’s credentials are used in atypical ways (how often do you see the marketing or sales teams attempting to connect to servers over SSH?). Furthermore, looking at the network traffic gives IT teams insight into where hackers are getting in, and can confirm vulnerabilities that have been exploited.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.