back to article Doing business with Asia? Then worry more about security

Organisations across the Asia Pacific are terrible at information security, a Mandiant report contests. While businesses in the United States will detect a hacker in their networks within four months, in line with the global average, it takes 17 months for those in the Asia Pacific region to notice their intruder. The region …

  1. Version 1.0 Silver badge

    terrible at information security?

    Do you really think it's that good?

    While you're at it please add the Middle East to the list. Doing any business with China or the Middle East will cause a deluge of spam/hack attempts to descend on you. Japan, Taiwan, and the Far East (Malaysia etc) are no problem but one email to China and you need to man the barricades. I believe that virtually every PC in China and the Middle East is hacked.

  2. Anonymous Coward
    Anonymous Coward

    Local admin password

    "In addition, organisations typically did not vary the local administrator account password across systems in the environment."

    When I did pentesting, this was true of many organisations, not just in asia. This is still true today.

    It was usually for the helpdesk, having a local admin password the same across all machines meant it was easy to intervene, but what they created as effectively a domain admin account with hashes always stored locally... so the first machine you got a shell on, you just did a hashdump and then started moving laterally across the network with the metasploit psexec module (pass the hash) onto any machine.

    LAPS (Local Administrator Password Solution) is what helps. It won't stop an attacker entirely, but will make it much more difficult for him to use creds on the 1st machine he pwns to own the entire domain.

    1. Inachu

      Re: Local admin password

      One of the rules to operate your business in mainland china is that you must hand over your local admin password to chinese local govt. If you do not then you are not allowed to do business in china.

  3. Anonymous Coward
    Anonymous Coward

    Mandiant again

  4. Anonymous Coward

    Hackers detected within four months

    "While businesses in the United States will detect a hacker in their networks within four months"

    So, that would mean that there is an unknown amount of hackers that are never detected. Or the amount of time such hacks come to the attention of Fireeye is four months. What was the point of this article again. At least they didn't say cyber-something. Oh, I just went back and had another look, ooh yes they did ...

  5. Alan Brown Silver badge

    It's shameful to admit to being hacked in many countries.

    It needs to be made even more shameful to be caught covering things up.

    The way this was addressed for Japan was to start notifying senior management instead of the IT departments - they'd come down on the BOFH-wannabes like a tonne of bricks (partly because they have personal legal liability in such cases)

    It's probably a matter of doing the same in other countries. Lower level manglement has a tendency to cover up bad things to save losing face with senior managlement, but in many cases senior manglement is _extremely_ sensitive to bad publicity.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like