A group of 112 hackers, penetration testers and incident responders was surveyed to find out how fast they can access a targeted system. The survey revealed that the majority (61%) can get access in less than 15 hours, and that 54% of the hackers can get access to a system in less than 5 hours and then identify and steal the sensitive data. These figures are just part of the findings of the survey, which are contained in the second annual Nuix Black Report.
Other questions in the survey covered the motivations for attacks, the industries most vulnerable to attacks and the techniques used in the attacks. The least protected industries include the retail, hospitality, and food and beverage industries. Healthcare organizations, together with manufacturers, law firms, and sports and entertainment companies, are considered soft targets, or relatively easy to attack. Nuix noted that industries rated as soft targets need to comply with industry standards for cybersecurity. The retail and food and beverage industries need to comply with the Payment Card Industry Data Security Standard, while healthcare organizations need to comply with the HIPAA Security Rule and the HITECH Act.
The hackers were asked how much time it takes them to breach a hospital or healthcare provider and steal useful data. 18% of respondents said less than 5 hours, 23% said 5 to 10 hours and 20% said 10 to 15 hours. Many of the hackers said they can steal sensitive data in just one hour from the time the network perimeter is breached. Organizations mostly use perimeter defenses like antivirus and firewalls to comply with security requirements, but hackers found these security measures easy to bypass.
When asked about their motivation for attacking, 86% of hackers said they do it as a challenge, 35% do it for fun, and only 21% do it for financial gain.
The hackers were also asked how they gain access to networks. The most used techniques include social engineering (27%) and phishing attacks (22%). Although ransomware attacks have increased in recent years, only 3% of respondents prefer this attack method. Phishing attacks are preferred by 49% of hackers. Of the hackers who use social engineering as an attack method, 62% use phishing emails, 22% use physical social engineering on employees and 16% use the telephone to obtain the information. 80% of surveyed hackers use open source hacking tools and exploit packs for attacks. It is interesting to note that hackers do not often change their tactics. One-fourth of hackers change their method of attack just once a year, whereas 20% change their methods two times a year.
The findings of this survey emphasize the need for organizations to build security awareness among their personnel. Staff especially need to know about social engineering and phishing attacks, because these are the tactics hackers prefer. Being prepared against these tactics will improve the company’s security posture.