What hackers think of your cyber security efforts

A survey of 250 self-identified hackers at the twentieth annual Black Hat conference in Las Vegas last month has revealed the security technologies they find toughest to beat.

Of the hackers that responded, 38 per cent said multi-factor authentication was the ‘hardest to get past’ while 32 per cent considered encryption the toughest defence to beat.

Firewalls, anti-virus software, and intrusion prevention systems were considered the trickiest to overcome by less than 10 per cent of respondents respectively.

In order to capture critical data, ‘access to privileged accounts’ was unsurprisingly the preferred channel of 31 per cent of hackers in the Thycotic survey, followed by access to an email account (27 per cent), and access to a user endpoint (21 per cent).

With perimeter security technologies considered largely irrelevant, hackers are now focused on gaining access to privileged accounts and email passwords by exploiting human vulnerabilities.

Some 85 per cent of survey participants named humans as most responsible for security breaches, Unpatched software was named as most to blame by only 10 per cent of those asked.

Hackers also viewed threat intelligence solutions as one of the least effective security protections (59 per cent), along with reputation feeds (67 per cent) and education (47 per cent). Since threat intelligence is often also accessible to hackers, they are able to easily identify how they work and therefore avoid detection, Thycotic suggested.

Of the individuals that took part in the survey, 53 per cent of whom identified as white hats using their skills for good, 33 per cent black hats with malicious motivations and the rest somewhere in between.