You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that

You weren't hacked because you lacked space-age network defenses. Nor because cyber-gurus picked on you. It's far simpler than that

2020-08-13 07:06

What's more, in most of the cases, an attacker did not need to do much, beyond gaining an initial foothold, to command full internal network access: in 68 per cent of the trials, the infiltrators only needed to take one or two steps to have the entire organization at their fingertips.

Network compartmentalization, and access controls limiting who can see what, may have helped minimize intruders' reach.

The report shows that performing what some assume is the minimum of effort - timely patching, login monitoring, and network segmentation with access limit policies, for instance - can be rather effective at keeping at least opportunistic crooks out.

"To secure the network perimeter, the first step is to follow basic information security rules," said Kilyusheva.

"Web applications are the most vulnerable component on the network perimeter. Companies should perform security analyses regularly." .

News URL

https://go.theregister.com/feed/www.theregister.com/2020/08/13/pentest_networks_fail/

#defense #hacked