The XM Cyber research team analyzed the methods, attack paths and consequences of cybercriminal operations that endanger critical assets in on-premises, multi-cloud and hybrid environments. The findings in the company’s completed report cover almost two million endpoints, files, folders and cloud resources observed during 2021. The experts described how hackers entrenched in the network can easily move to critical business assets:
- 94% of critical assets can be compromised within four stages after the initial point of hacking.
- 75% of an organization’s critical assets may be compromised in their current state of cybersecurity.
- 73% of the most popular attack methods are related to mismanaged or stolen credentials.
- 95% of the organization’s users have long-term access keys associated with them that can be disclosed.
- 78% of enterprises are open to compromise every time a new remote code execution (RCE) method is discovered.
The main attack vectors in the cloud are misconfigurations and excessive access. According to the experts, organizations that know where to interrupt attack paths can reduce the number of problems by 80%. An attack path is a chain of attack vectors (vulnerabilities, misconfigurations, user privileges, human errors, etc.) that a hacker can use to move around the network. Hybrid cloud computing architecture is particularly vulnerable because attackers can exploit security gaps to gain a foothold on the network and then move between on-premises and cloud applications.
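An added example, not taken from the XM Cyber report: a small attack graph in Python showing how a defender can count the critical assets reachable within four stages of a foothold and rank the nodes where interrupting the path protects the most assets. All node names, edges and vectors are constructed, and each stage is assumed to be one edge in the graph.

```python
from collections import deque

# Constructed environment: node -> {neighbour: attack vector used to reach it}.
GRAPH = {
    "laptop": {"file-server": "stolen credentials", "dev-vm": "unpatched RCE"},
    "file-server": {"svc-account": "password stored in a script"},
    "dev-vm": {"svc-account": "cached credentials", "ci-runner": "shared local admin"},
    "svc-account": {"cloud-iam-user": "long-term access key",
                    "domain-controller": "excessive privileges"},
    "ci-runner": {"cloud-iam-user": "long-term access key"},
    "cloud-iam-user": {"customer-db": "excessive access",
                       "backup-bucket": "misconfiguration"},
    "customer-db": {"payments-ledger": "database link"},
}
CRITICAL = {"domain-controller", "customer-db", "backup-bucket", "payments-ledger"}

def hop_counts(graph, start, blocked=frozenset()):
    """Breadth-first search: fewest hops from start to every reachable node."""
    hops, queue = {start: 0}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, {}):
            if nxt not in hops and nxt not in blocked:
                hops[nxt] = hops[node] + 1
                queue.append(nxt)
    return hops

def exposed(graph, start, critical, max_hops=4, blocked=frozenset()):
    """Critical assets reachable from start within max_hops."""
    hops = hop_counts(graph, start, blocked)
    return {a for a in critical if hops.get(a, max_hops + 1) <= max_hops}

def choke_points(graph, start, critical, max_hops=4):
    """Rank intermediate nodes by how many exposed critical assets fixing them protects."""
    baseline = exposed(graph, start, critical, max_hops)
    nodes = set(graph) | {n for edges in graph.values() for n in edges}
    ranking = []
    for node in nodes - critical - {start}:
        remaining = exposed(graph, start, critical, max_hops, frozenset({node}))
        ranking.append((node, len(baseline - remaining)))
    return sorted(ranking, key=lambda item: (-item[1], item[0]))

if __name__ == "__main__":
    print(sorted(exposed(GRAPH, "laptop", CRITICAL)))
    for node, saved in choke_points(GRAPH, "laptop", CRITICAL):
        print(f"{node}: protects {saved} critical asset(s)")
```

In this constructed graph the redundant entry routes (file server, dev VM, CI runner) score zero, while the identity with a long-term access key and excessive permissions is the single point where remediation protects the most assets.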
“Modern organizations are investing in more and more platforms, applications and other technical tools to accelerate their business, but they too often do not understand that the interconnection between all these technologies poses a significant risk. When disparate teams are responsible for different security components in the network, no one sees the full picture. One team can ignore a seemingly small risk, not realizing that in general this is a stepping stone on a hidden path of attack to a critical asset. It is necessary to give priority attention to correcting attack paths in order to keep up with modern technologies and business requirements,” said specialist Zur Ulianitzky.