13 Lateral Movement Tactics Security Experts Should Recognize - MrLiambi's blog




Saturday, 14 August 2021

13 Lateral Movement Tactics Security Experts Should Recognize

One of the most curious elements of this year's Verizon Data Breach Investigations Report (DBIR) was the inclusion of the new attack pattern "system intrusions." Representatives from Verizon identified the category as a broad one that tends to include attacks with many steps, indicating significant lateral movement within the network. Research shows that many recent high-profile attacks involved lateral movement, including the Colonial Pipeline attack, the SolarWinds attack, and the Microsoft Exchange breach.

"Smash and grab" attacks used to be widespread: attackers would enter the network and steal or encrypt any data they could get their hands on. The rise of more sophisticated attackers, Ransomware 2.0, and other advanced threats has changed this. Attackers are now more willing (and able) to move around the network undetected, looking for the most valuable data to steal. They conduct reconnaissance, look for exposed or otherwise vulnerable credentials, and escalate their privileges, often targeting Active Directory (AD), where success means complete domain dominance.

Source: https://dzone.com/articles/lateral-movement-tactics-security-experts-should-recognize
