Positive Technologies published the results of their 2023 security tests, revealing alarming vulnerabilities in companies’ IT infrastructure. The study showed that attackers were able to gain full control over IT systems in nearly all organizations tested, with some breaches occurring in as little as one day.
The PT SWARM team, responsible for conducting the tests, assessed companies across various sectors such as IT, finance, industry, the service sector, and telecommunications. The primary objective of the testing was to identify weaknesses in organizations that could be exploited by both external and internal attackers.
The findings were concerning, as 63% of organizations were found to be vulnerable to penetration of the local computer network from external attackers, while an equal percentage of companies were susceptible to internal attackers gaining complete control over the IT infrastructure. Additionally, 96% of organizations had vulnerabilities that could be exploited by attackers looking to infiltrate their internal network, with some breaches occurring within the first day of testing. On average, it took specialists 10 days to gain access to the systems.
Experts were able to access employees’ account information, gain unauthorized access to confidential data, including intellectual property and official communications, and establish complete control over the organizations’ infrastructure in nearly all cases. In one project, the PT SWARM team gained maximum privileges in the Active Directory domain in just 6.5 hours, while in other instances, this process took anywhere from 1 to 7 days.
Notably, in all organizations where internal testing took place, experts were able to obtain maximum privileges in the domain. In 90% of cases, potential security breaches were identified without the need for complete control over the IT systems. For example, even in a company where access to the LAN was not achieved, unauthorized entry into a database containing personal data of over 460 thousand users was possible.