As many as six in ten cyberattacks make use of brute-force password cracking and vulnerability exploitation.
This is according to the Kaspersky Global Emergency Response Team’s Incident Response Analytics Report, which drew on anonymised data from incident response cases.
The report reveals that brute force is one of the more popular options for initial compromise of a company’s network. Compared to last year, brute force attacks rose from 13 percent to 31.6 percent.
The second most common method of compromise is the exploitation of software vulnerabilities, which was detected in 31.5 percent of compromises.
“Even if the IT security department does its best to ensure safety of the company’s infrastructure, factors such as legacy OS usage, low-end equipment, compatibility issues and human factors often result in security breaches that can jeopardise an organisation’s security. Protective measures alone can’t provide holistic cyber defense. Therefore, they should always be combined with detection and response tools that are able to recognise and eliminate an attack at an early stage, as well as address the cause of the incident,” says head of the Global Emergency Response Team at Kaspersky, Konstantin Sapronov.
The bad news is that only 18 percent of malicious emails, brute force and exploitation attacks were detected in a few hours, while 55 percent were detected in a matter of days. On average, attacks lasted up to 90 days.
“The report shows that attacks involving a brute force initial vector are easy to detect in theory, but in practice, only a fraction were identified before causing an impact,” said Kaspersky.
To minimise risk, Sapronov recommends the following precautions:
- Implement a robust password policy, including multifactor authentication (MFA) and identity and access management tools;
- Ensure that patch management or compensation measures for public-facing applications have zero tolerance. Regular updates of vulnerability details from software vendors, scanning the network for vulnerabilities and patch installations are crucial for the security of a company’s infrastructure;
- Maintain a high level of security awareness among employees. Conducting comprehensive and effective third-party training programs for employees is a good way to save the IT department time and get good results;
- Implement an Endpoint Detection and Response solution with an MDR service, to detect and react to attacks promptly, among other measures. The use of advanced security services allows businesses to reduce the cost of attacks and prevent undesirable consequences.