Many companies are still failing to protect against the most common threats

When hackers want to access a target network, they are most likely to launch a phishing attack, exploit known software vulnerabilities or simply brute-force their way in through the remote desktop protocol (RDP).

This is according to a new report from Palo Alto Networks’ cybersecurity arm, Unit 42. In its latest paper, the company says these three make up more than three quarters (77%) of all suspected root causes for intrusions. 

Drilling deeper, Unit 42 found that more than half (55%) of all successful software vulnerability exploits leveraged ProxyShell (55%), followed by Log4j (14%), SonicWall (7%), ProxyLogon (5%) and Zoho ManageEngine ADSelfService Plus (4%).

However, businesses could have done a lot more to stay safe. Out of 600 incident response cases Unit 42 analyzed for the report, businesses lacked multi-factor authentication on critical internet-facing systems in half of cases. Meanwhile, more than a quarter (28%) had poor patch management procedures and 44% did not have an endpoint protection service in place.

BEC and ransomware

Once they gain access, threat actors will engage either in business email compromise (BEC) or ransomware attacks. The average amount stolen through BEC was $286,000, the report said, while for ransomware, the highest average demand was in finance at nearly $8 million.

A new ransomware victim gets their data posted on leak sites every four hours now, the report found. That’s why, the researchers claim, identifying ransomware activity early is crucial. 

Usually, the attackers spend up to 28 days on the target network, identifying endpoints and key data, before actually deploying any ransomware. 

“Right now, cybercrime is an easy business to get into because of its low cost and often high returns. As such, unskilled, novice threat actors can get started with access to tools like hacking-as-a-service becoming more popular and available on the dark web,” said Wendi Whitmore, SVP and head of Unit 42 at Palo Alto Networks. 

“Ransomware attackers are also becoming more organized with their customer service and satisfaction surveys as they engage with cybercriminals and the victimized organizations.”

ajPhLMDeq2TRvdPHkrCbV3

Source: TechRadar - All the latest technology news

By:

Looking for Google Pixel 4 deals? These EE tariffs blow everything else away right now
Looking for Google Pixel 4 deals? These EE tariffs ...
Scotland vs France live stream: how to watch Six Nations 2020 rugby online from anywhere
Scotland vs France live stream: how to watch Six N ...
Intel's STILL trying this?
Intel's STILL trying this? ...
The cheapest Blu-ray BD-R disc per Gigabyte underlines why optical storage is dying out
The cheapest Blu-ray BD-R disc per Gigabyte underl ...
Best tablet 2020: the top tablets you can buy right now
Best tablet 2020: the top tablets you can buy righ ...
Stocks post worst quarter since 2008 financial crisis
Stocks post worst quarter since 2008 financial cri ...