20% of Russian IT systems have been subjected to cyber attacks due to the lack of software updates

Positive Technologies experts analyzed the vulnerability of Russian companies. According to the results of the study for 2016, 20% of the IT systems of Russian government agencies, industrial companies, banks and telecommunications operators have critical vulnerabilities associated with insufficient software updates.

Moreover, according to the researchers, most of the software that companies use to protect is hopelessly outdated. This software has not been updated for many years in a row. There are also cases when the update has not been done for nine years. Moreover, these cases are not isolated.

More than 50% of the tests performed using standard cyber attack schemes were able to gain complete control over the critical resources of companies (Active Directory, DBMS, ERP system, and so on).
')
Critically dangerous vulnerabilities associated with errors in the code of web applications are present in 27% of systems, and 20% revealed vulnerabilities due to the fact that software updates were not installed, Kommersant reports, citing a report from Positive Technologies.

System or application software without the necessary updates works in about nine out of ten companies, said the head of the analytical center Zecurion Vladimir Ulyanov. “There are many reasons for this. In some companies they are afraid that after updating some component will refuse to work or will start working incorrectly. The principle of "working - do not touch" is still one of the main dogmas of the system administrators, "he explains.

In addition, Ulyanov notes that a large amount of equipment, a variety of systems used, geographically remote branches and outdated systems also lead to the fact that some components are not properly serviced by IT specialists.

In general, the IT systems of banks, telecommunications operators and industrial enterprises, in 2016, the attackers committed 70 million cyber attacks. The volume of funds stolen by hackers from Russian banks only, according to Group-IB, amounted to 5.53 billion rubles over the same period.

Russia ranked second among the countries subjected to cyber attacks in the first quarter of 2017.

According to a report by Positive Technologies, in the first months of 2017, Russia accounted for 10% of all unauthorized impacts on information resources. In the US - 41% of all hacker attacks. In the UK - 7% of attacks. In total, experts of Positive Technologies recorded 26 countries that have undergone various cyber attacks.