Criminals who don’t have an odd $23,000 in change stuffed down the back of the sofa are primarily trying to hack into companies via social engineering, according to a new survey from Balabit.
Despite the much-publicised access for cash we’ve heard about recently, outsiders are typically looking to gain inside access with minimal financial outlay, or indeed effort.
And that’s no surprise really – almost 70% of the nigh on 500 security professionals surveyed by Balabit said the insider threat posed the biggest danger.
Just over half of those surveyed said their organisations were worried about attackers breaking through the firewall to reach the company network, which is something of a concern given that 40% admitted their firewalls and other first-line defences were in fact failing to keep attackers out.
The survey, which sought to identify the methods attackers use to reach sensitive data quickly, placed social engineering in first place. Zoltán Györkő, Balabit’s CEO, said:
Traditional access control tools and anti-malware solutions are necessary, but these only protect companies’ sensitive assets while hackers are outside of the network. Once they manage to break into the system, even gaining only low-level access, they can easily escalate their rights and gain privileged or root access in the corporate network. Once that happens, the enemy is inside and poses a much higher risk, as they seem to be one of us.
The unsurprising runner-up in the survey was compromised user accounts.
With password cracking being a potentially slow task, prone to leaving digital footprints in its wake, easily compromised corporate accounts are highly desirable. With many employees continuing to reuse passwords across accounts, both at home and at work, social engineering attacks designed to persuade users to “voluntarily” give up their credentials on social media and other sites can often prove a fruitful strategy: a password phished from a personal account frequently unlocks a corporate one as well.
More technical attacks still pose a risk, according to the survey, which identified old favourites such as SQL injection and the exploitation of known vulnerabilities such as Heartbleed as methods of concern to security personnel.
The full list of popular hacking methods also includes other perennial favourites such as physical attacks and shadow IT:
- Social engineering
- Account compromise
- Web-based attacks
- Client-side attacks
- Exploits against popular server updates
- Compromised personal devices
- Physical intrusion
- Shadow IT, especially personal cloud services
- Compromised third party service providers
- Data stored in the cloud
As Balabit says, the means of attack is one thing, but the key point is to know what is happening on your network at any given time, via real-time monitoring.
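To make the monitoring point concrete, here is an added example (it is not Balabit’s code or product logic, and not from the original article) of the kind of real-time check that catches the pattern Györkő describes: a fresh login followed shortly by escalation to root. It parses syslog-style sshd and sudo lines and raises an alert when a user who just authenticated with a password from outside the assumed corporate address ranges (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 here) runs a sudo command as root within a five-minute window. The log lines, the network ranges, the window and the log year are all constructed assumptions for the demonstration.

```python
import re
import ipaddress
from datetime import datetime, timedelta

# Constructed sample log lines (not real data), in the syslog format sshd and sudo write.
# Case 1: jsmith logs in with a password from an external address, then becomes root 2.5 min later.
# Case 2: ops logs in with a key from an internal address and uses sudo for routine work.
# Case 3: bwong logs in from outside but only escalates 40 minutes later, outside the window.
SAMPLE_LOG = """\
Jan 14 09:01:12 web01 sshd[1201]: Accepted password for jsmith from 203.0.113.45 port 51022 ssh2
Jan 14 09:03:40 web01 sudo:   jsmith : TTY=pts/0 ; PWD=/home/jsmith ; USER=root ; COMMAND=/bin/bash
Jan 14 10:15:02 web01 sshd[1310]: Accepted publickey for ops from 10.0.0.7 port 40122 ssh2
Jan 14 10:16:00 web01 sudo:      ops : TTY=pts/1 ; PWD=/home/ops ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Jan 14 11:00:00 web01 sshd[1400]: Failed password for jsmith from 198.51.100.9 port 2222 ssh2
Jan 14 12:30:05 web01 sshd[1500]: Accepted password for bwong from 198.51.100.9 port 2222 ssh2
Jan 14 13:10:00 web01 sudo:    bwong : TTY=pts/2 ; PWD=/home/bwong ; USER=root ; COMMAND=/bin/cat /etc/shadow
"""

# Assumed corporate address space; anything outside it is treated as "external".
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Assumed detection window between the login and the escalation.
WINDOW = timedelta(minutes=5)

# Syslog timestamps carry no year; an assumed one is needed to build datetimes.
LOG_YEAR = 2016

LOGIN_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Accepted (?P<method>\w+) for (?P<user>\S+) from (?P<ip>\S+) port"
)
SUDO_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sudo: +(?P<user>\S+) : "
    r".*USER=(?P<target>\S+) ; COMMAND=(?P<cmd>.*)$"
)


def parse_ts(stamp):
    """Turn a 'Jan 14 09:01:12' syslog stamp into a datetime using the assumed year."""
    return datetime.strptime(f"{LOG_YEAR} {stamp}", "%Y %b %d %H:%M:%S")


def is_external(ip_text):
    """True when the address falls outside every assumed internal network."""
    ip = ipaddress.ip_address(ip_text)
    return not any(ip in net for net in INTERNAL_NETS)


def find_escalations(log_text, window=WINDOW):
    """Return one alert per sudo-to-root that follows, within `window`, a
    password-authenticated SSH login by the same user from an external address."""
    recent_logins = {}  # user -> (login time, source ip) for the last risky login
    alerts = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if m:
            # Only a successful password login from outside counts as risky; a later
            # benign login for the same user clears the earlier risky one.
            if m["method"] == "password" and is_external(m["ip"]):
                recent_logins[m["user"]] = (parse_ts(m["ts"]), m["ip"])
            else:
                recent_logins.pop(m["user"], None)
            continue
        m = SUDO_RE.match(line)
        if m and m["target"] == "root":
            login = recent_logins.get(m["user"])
            if login and parse_ts(m["ts"]) - login[0] <= window:
                alerts.append({
                    "user": m["user"],
                    "ip": login[1],
                    "login_at": login[0].isoformat(),
                    "escalated_at": parse_ts(m["ts"]).isoformat(),
                    "command": m["cmd"],
                })
    return alerts


if __name__ == "__main__":
    for alert in find_escalations(SAMPLE_LOG):
        print(f"ALERT {alert['user']} from {alert['ip']}: root via '{alert['command']}' "
              f"{alert['login_at']} -> {alert['escalated_at']}")
```

Run against the sample, the check fires once, for jsmith: the key-based internal login by ops is ignored, the failed password attempt never matches the "Accepted" pattern, and bwong’s escalation falls outside the window. Tuning the window and the internal ranges is the whole job in practice; the example is deliberately strict so a practitioner can see where the false negatives (bwong) and the assumptions live.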
While I wouldn’t disagree with that assertion, I also think the survey highlights the need for staff security awareness programmes. With social engineering and compromised accounts topping the hacking chart, think how much you could achieve by changing risky behaviours among your staff.