With never ending implementation of solutions on the organizations we work with an attempt to either secure, provide easy accessibility or non-essential access to our network. This kind of steps opens a new attack vector for the attacker to use those interfaces to perform attacks. 

Let me try to be honest, if the organization is hacked whether it is a ransomware, backdoor or any other kind of automated malicious activity within the network via simple click of an unaware user or vulnerable software, that means you are just one of the victims of many. 

Attackers don’t always target one company, they hack in masses by scanning the internet for weak configurations, vulnerable services or weak credentials. Once they gather the data of thousands of targets they launch an attack against all, hoping that some of those targets will be vulnerable. Once the vulnerable machine is compromised via automated script, now the attacker can start filter out where to concentrate or the malware can take care of the rest, which are normally the second stage payloads. 

Now, having said that I also need to mention that if the dedicated hacker decides to hack you and get into the system, they will get into the system but this time it will not be by just clicking an automated script or ready made malware. 

With dedication, real attackers, threat actors will use various means to gain access to your system, be it your users, services, applications or even the physical barriers. 

As per the statistics released by Verizon 2020 breach investigation, around 45% of breach incidents are still happening due to active hacking, exploitation of vulnerabilities which could have been avoided with proper security hygiene. 

They will research your organization, learn about your and craft an attack specifically for your organization. Now, this is a scary situation of any organization. Chances of being hacked here are high.

https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf

That is why all organizations must be ready for the breach and prepare. 

So, what now ?

Prevention against the first scenario where you are the victim of a random attack is quite simple and with a good approach and planning you can protect yourself. 

Against a dedicated attacker, you need to have a special kind of security assessment and readiness exercise, like having continuous Penetration Testing / Red Teaming exercises and monitoring your logs. 

See our other blogs to understand what is Vulnerability assessment and Penetration testing and how they both can help you to stay secure. (to certain degree )