All corporate networks are highly vulnerable to attacks that would give hackers full control of their infrastructure, according to a Tuesday report from Positive Technologies.
The report studied 2017 audits of 22 corporate systems belonging to companies across different industries, including IT, finance, retail, and transportation. Positive Technologies researchers were able to gain full control of infrastructure on every corporate networks they attempted to compromise. Only 7% of the systems studied were moderately difficult to access, the report found.
These results indicate that penetrating a network perimeter has become easier than in the past: Researchers rated the difficulting of accessing the internal network as "trival" in 56% of the 2017 tests, compared to 27% in 2016.
Each company had an average of two attack vectors that allowed their network to be infiltrated, according to the report. For one corporation, researchers found 10 different vectors. The oldest vulnerability found—CVE-1999-0532—dates back 18 years, the report found.