
More than 60% of companies in Russia are unprepared for cyberattacks

Research: 65% of companies in Russia are not prepared for cyberattacks

In Russia, 65% of the companies analyzed have a low level of security. Attacks on them can cause critical damage and lead to the interruption of key business processes and to financial losses. This follows from research by the information security company Bastion, which Izvestia reviewed on January 13.

In total, more than 300 medium and large organizations were analyzed. Different industries were checked: banks, IT-companies, retail, factories and government agencies.

The experts specified that the problem is multifactorial. Some companies underestimate cyber risks, while others face insufficient information security budgets and difficulty finding suitable specialists.

"It happens that information security incidents in companies are not investigated to the end, which leads to repeated and more damaging incidents. Even the presence of various protection systems (information security tools. - Ed.) within the company's infrastructure does not guarantee prompt detection and prevention of incident development, which may be due to both lack of qualification of employees and their high workload," Bastion specified.

According to experts' statistics, in 60% of cases attackers can penetrate the corporate network and obtain administrator privileges through vulnerabilities in publicly available services.

The main reason for this is the presence of many critical and high-severity vulnerabilities: weak passwords; lack of protection against credential brute force; lack of two-factor authentication on external corporate services; IDOR (insecure direct object references); RCE (code injection, a vulnerability that allows an attacker to remotely launch malicious code in the target system). Other vulnerabilities include logic vulnerabilities; SQL injection (a web security vulnerability that allows an attacker to interfere with the queries an application makes to its database); account takeover (a form of identity theft in which cybercriminals take over online accounts using stolen credentials); and information disclosure.

"An attack can paralyze a company's operations for a long period of time, result in significant financial losses, leakage of customer data, and loss of trust from partners and customers. Example: an external attacker exploits a vulnerability in a web application to penetrate a company's internal network. He gains access to critical systems (e.g. CRM, ERP or accounting data), deploys ransomware, encrypts data and blocks business processes. Often, during the attack, the attacker gains access to backups and destroys them," the experts explained.

According to them, in order to effectively protect the infrastructure, teams responsible for information security in the company must understand the methods of attackers.

The company outlined key measures to mitigate risks. Among them is network segmentation, which makes it more difficult for attackers to move within the infrastructure and limits access to critical parts of the network. In addition, introducing multi-factor authentication reduces the likelihood of compromise through social engineering and password guessing. Monitoring, controlling and analyzing network connections inside and outside the infrastructure to detect suspicious activity is essential.

In addition, regular auditing of contractor access rights, accounts, VPN connections and firewall settings is important to close loopholes for hackers.

Other key measures include: analyzing the security logs of infrastructure objects to detect an attacker's traces before a hack has any noticeable negative consequences; analyzing the security mechanisms of operating systems (enabling built-in protection mechanisms and disabling insecure protocols) to strengthen cyber defense at minimal cost; and regularly checking the infrastructure for critical vulnerabilities and installing updates to prevent attacks that use common exploits and to protect the infrastructure from mass automated attacks.

Don't forget about training employees in the basics of cybersecurity using real-life examples - this will help to practice and consolidate knowledge about countering social engineering techniques.

In addition, pentests and simulated attacks provide an independent assessment of security and make it possible to rehearse interaction between departments in critical situations, the experts added.

Earlier, on December 6, 2024, it was reported that Russia ranks second by the number of cyberattacks targeting it, with the United States in first place. This follows from data of the Solar 4RAYS Cyber Threat Research Center of the Solar Group. Canada, Switzerland, and Singapore are also among the most attacked countries.
