Patch management plus robust password guidelines reduce the risk of cyber attack by up to 60 percent. Brute force is the most commonly used attack vector. More than half of the attacks are discovered within hours and days
In six out of ten (63 percent) cyberattacks investigated by the Kaspersky Global Emergency Response Team, the attackers use brute force methods and exploit vulnerabilities to compromise a company's IT systems. The results of the latest Incident Response Analytics Report from Kaspersky show that simply implementing an appropriate patch management policy reduces the risk of incidents being attacked by 30 percent and a robust password policy can reduce the likelihood of an attack by 60 percent.
Although everyone should be aware of the importance of regular patches and updates as well as the use of secure passwords, many companies do not implement them - and thus offer attackers the opportunity to penetrate company systems and thus increase the risk of attack. Weak passwords and unpatched software make up the overwhelming majority of the primary access vectors in cybersecurity incidents.
Number of brute force attacks almost tripled
The analysis of anonymized data from incident response cases shows that brute force is the most frequently used attack vector for penetrating a company network. Compared to the previous year, the proportion of brute force attacks increased from 13 to 31,6 percent, which may be due to the pandemic and the increase in home office and remote working. The second most common attack method, with a share of 31,5 percent, is the exploitation of security gaps. However, only a few incidents exploited vulnerabilities from 2020; some of the exploited, unpatched vulnerabilities were older, including the CVE-2019-11510, CVE-2018-8453 and CVE-2017-0144 vulnerabilities.
More than half of all attacks that started with malicious email, brute force and the exploitation of external applications were discovered within hours (18 percent) or days (55 percent). The attacks lasted an average of 90,4 days, with a few longer. Brute force attacks are easy to spot in theory, but in practice only a fraction of them were identified before damage was caused by compromising.
Attack duration on average at 90,4 days
While preventing brute force attacks and controlling timely updates may seem unproblematic for a professional cybersecurity team, in reality it is virtually impossible to completely eliminate these issues.
"Even if the security department does its best to ensure the protection of the company infrastructure, the use of older operating systems, low-end devices, compatibility issues and human factors often lead to security incidents that can put a company at risk," comments Konstantin Sapronov, Head of the Global Emergency Response Teams at Kaspersky. “However, proactive measures alone cannot provide holistic protection. These should always be combined with incident and response tools that can detect and remediate an attack early and fix the root cause of the incident.”
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/