On the 6 February, cyber-security firm Positive Technologies published its penetration testing activity report for 2018. The firm claimed that its researchers breached the external perimeter and gained access to the internal networks of 92 percent of the companies they tested.
Positive Technologies placed most of these successes on vulnerabilities in the source code external-facing web applications. The company’s findings found that 75 percent of exploitation were because of web resources.
Pentesters found that they were able to gain access to internal computers and servers. This included critical resources such as SWIFT money transfer and ATM controls.
Accessing The Internal Network
To access the systems of these companies, Positive Technologies said its experts used basic techniques such as brute-force of account passwords and exploiting old vulnerabilities. They also used social engineering techniques like phishing and vulnerabilities in the WiFi networks.
Of the companies tested, 87 percent had WiFi networks that were accessible from outside the clients building. In some cases, they could access the WiFi network from nearby coffee shops and parking areas.
Around 63 percent of systems featured weak WiFi security allowing access to the computer network. By weak WiFi security, the company means companies that failed to encrypt WiFi traffic or used weak protocols.
No Company Was Perfect
Positive Technologies discovered that even those companies that offered strong security, there was always at least one way open to hackers. Some of these companies were using strong WiFi authentication, had well-trained employees, and were resistant to brute-force attacks.
One company had the oldest vulnerability they had found which was 19-years old. The CVE-1999-0024 was a flaw affecting BIND, a widely used DNS server software.
Overall, Positive Technologies tested 33 companies which were the basis of their report. These companies were active in the industrial, financial and transport industries.