Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

XM Cyber Research Finds That Hackers Can Claim ‘Checkmate’ on 94% of Critical Assets in Just Four Moves

XM Cyber, the multi-award-winning hybrid cloud security company, announced findings from its first annual Impact Report. Attack Path Management Impact Report: 2021 Year in Review incorporates insights from nearly two million endpoints, files, folders, and cloud resources throughout 2021. The XM research team analyzed the methods, attack paths and impacts of attack techniques that imperil critical assets across on-prem, multi-cloud and hybrid environments, and developed tips for thwarting them.

Today’s security tools enable organizations to detect all kinds of misconfigurations, vulnerabilities and other security gaps. However, they fail to show how these seemingly unrelated issues form hidden attack paths that hackers can use to pivot through a hybrid cloud environment and compromise critical assets.

Recommended AI News: Swvl Expands Into Central Europe via Acquisition of Mass Transit SaaS Platform Door2door

XM’s Impact Report takes the attackers’ perspective to show how, once they get a foothold in the network, they can easily move towards critical business assets. The report was enabled by the company’s namesake attack path management platform, which allows users to see all of the ways that hackers can leverage attack paths across cloud and on-prem environments, aiding mitigation and prevention efforts.

Key insights include:

  • 94% of critical assets can be compromised within four steps of the initial breach point
  • 75% of an organizations’ critical assets could have been compromised in their then-current security state
  • 73% of the top attack techniques involve mismanaged or stolen credentials
  • 95% of organizational users have long-term access keys attached to them that can be exposed
  • 78% of businesses are open to compromise every time a new Remote Code Execution (RCE) technique is found
  • The main attack vectors in the cloud are misconfigurations and overly permissive access
  • By knowing where to disrupt attack paths, organizations can reduce 80% of issues that would otherwise have taken up security resources
Related Posts
1 of 40,639

Recommended AI News: SQream Announces Industry-First 60 Day Proof of Value to Demonstrate Business Results with Panoply

An attack path is a chain of attack vectors (vulnerabilities, misconfigurations, user privileges, human errors, etc.) that a hacker can use to move laterally through the network. Hybrid cloud computing architecture is especially vulnerable, as attackers can exploit security gaps to obtain a foothold in the network and then move laterally between on-premises and cloud applications. XM Cyber’s report outlines the security gaps and hygiene issues that exist in multiple attack paths across on-prem and cloud environments,  demonstrating the importance of risk visibility across the entire network.

“Modern organizations are investing in more and more platforms, apps and other tech tools to accelerate their business, but they too often fail to realize that the interconnection between all these technologies poses a significant risk,” said Zur Ulianitzky, Head of Research, XM Cyber. “When siloed teams are responsible for different components of security within the network, nobody sees the full picture. One team may ignore a seemingly small risk, not realizing that in the big picture, it’s a stepping stone in a hidden attack path to a critical asset. To keep pace with today’s technology and business demands, attack path remediation must be prioritized.”

Highlights of the report include:

  • Methodology and Synopsis of the Attack Path
  • The Top Attack Techniques Used to Compromise Critical Assets in 2021
  • New Attack Techniques Used in 2021
  • Cross-platform Attack Insights
  • Key Findings Across On-Prem and Cloud

Recommended AI News: cQuant.io and Hartigen Announce Partnership for Portfolio Optimization & Analytics

[To share your insights with us, please write to sghosh@martechseries.com]

Comments are closed.