Skip to main content

Evidence of compromise present in almost all enterprise networks

(Image credit: Pixabay)

Almost all large organisations in Eastern Europe have been compromised (opens in new tab) to some extent. This is according to a new report from Positive Technologies, which claims 97 percent of companies with at least 1,000 employees show signs of suspicious network activity.

Of all compromised networks, 64 percent exhibited instances of traffic hiding (VPN tunnelling, connecting to the Tor network and proxying).

"Traffic hiding is risky, because when the employees connect to Tor, set up proxy servers, and set up VPN to bypass websites blocking, the hackers can use the same technologies to communicate with command and control servers," said Evgeny Gnedin, Head of Information Security Analytics at Positive Technologies. 

"The attackers can use that to control the malware and trigger a payload attack," he added.

Further, 81 percent of companies’ advanced network traffic analysis detected malware activity (opens in new tab), including miners, adware and spyware.

In a third of cases, internal networks had been scanned, which includes multiple failed attempts to connect to hosts. The report suggests this could mean hackers had attempted to map out the network.

According to Positive Technologies, in many cases compromise is caused by a lack of attention to company policies. In 94 percent of companies, employees are not compliant with information security policies, “opening the door for the hackers to exploit”.

Problems also arise when sensitive data is transmitted in cleartext, or remote access software is deployed. In 44 percent of cases, employees use BitTorrent protocol for data transfer, which increases the risk of malware infection.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.