Two days is all it takes to break into a network
It takes just two days to break into a company’s internal network. In 93 percent of cases, an external attacker can breach an organization’s network perimeter and gain access to local network resources, concludes a study by Positive Technologies.
“In 20 percent of our pentesting projects, customers asked us to check which unacceptable events might be feasible as a result of a cyber-attack. We identified an average of six unacceptable events. According to our customers, events related to the disruption of technology processes and service delivery, as well as the theft of funds and important information represent the greatest danger,” comments Ekaterina Kilyusheva, head of research and analysis at Positive Technologies.
Once an attacker has obtained credentials with domain administrator privileges, they can obtain many more credentials to move laterally through the corporate network and access key computers and servers. According to the study, most organizations do not have network segmentation by business processes, and this allows attackers to develop multiple attack vectors simultaneously.
“To build an effective protection system, it is necessary to understand which unacceptable events are relevant for a given company,” Kilyusheva adds.
To make it more difficult for an attacker to advance across the corporate network toward target systems, organizations can take a number of interchangeable and complementary measures, including separating business processes, configuring security controls, enhancing monitoring, and lengthening the attack chain. The choice of which technology solutions to use should be based on the company’s capabilities and infrastructure.
Network monitoring software is mainly used by network administrators, but it is also very useful for security teams. By continuously examining network uptime, availability, and response time, it can identify unusual activity and raise an alert whenever anything suspicious or malicious is detected. For example, it will alert enterprise professionals when an access point goes offline or suspicious packets are detected, and thus help them keep cybersecurity threats under control.
Comprehensive network monitoring is therefore vital for maintaining network security. It helps you keep a constant eye on firewalls, antivirus software, and backup software, and warns you automatically when problems arise.
Choosing the right network monitoring system makes all the difference in the accuracy of the digital infrastructure’s operation.
Here is a list of 5 useful network management tools:
IT security should be an important consideration when starting any new project, and not just for those responsible for security and data protection. IT administrators and software developers should also always be up to date. And while management can pass on specific tasks, they should also keep up to date with all security developments.
By simplifying IT structures and keeping the number of tools you use to a minimum, you will already be doing a lot to prevent potential attacks. All software creates gateways, either alone or when run with other programs. By keeping things simple, you will close off potential gateways and thus prevent hackers from finding a way in. A rule of thumb: the more complex your infrastructure, the more vulnerable your system.
Nowadays, you have to assume that software is defective and that bugs will create gateways. So-called exploits use these weak points to gain access to external computers and install malware. Exploits are bundled into “exploit kits” that come with convenient user interfaces and are sold to interested parties. As a result, weak points can be “exploited” during attacks with little or no expense.
If you discover a weakness and notice that a patch or update is available, install it as soon as possible, preferably via an automated update distributor that covers all workstations in your company. By doing so, you will minimize the risks posed by software failures, even if these failures cannot be fully eliminated. A company always runs the risk that a hacker will learn about a bug before its software developers do.