///////////////////////////////////////////////////
t cht lk
TEN STEPS TO
TAKE TO STOP
LATERAL MOVEMENT
IN DATA BREACHES
Sometimes it can seem as if we are almost powerless in the face
of so many potential cyberattacks. But the good news is we can
take steps to seriously limit the chances of being successfully
attacked by malicious actors. We asked Brad Hibbert, Lead
Solutions Strategist at BeyondTrust, to nominate 10 steps to stop
lateral movements in data breaches.
A
s highlighted in the 2017 Verizon
Data Breach Investigation Report
(DBIR), 75% of attacks come
from the outside and a whopping 81% of
hacking-related breaches leveraged either
stolen and/or weak passwords. While the
specific tactics may vary, the stages of
an outsider attack are similar and usually
follow four steps.
First, the attackers penetrate the perimeter
but more than likely, they execute a
successful drive-by download or launch a
phishing attack to compromise a user’s
system and establish a foothold inside the
www.intelligentcio.com
network; all the while flying ‘under the radar’
of many traditional security defences.
Next, they establish a connection - unless
it’s ransomware or self-contained malware,
the attacker quickly establishes a connection
to a command and control (C&C) server to
download toolkits, additional payloads, and
to receive additional instructions. According to
the Verizon report, social attacks were utilised
in 43% of all breaches in this year’s dataset.
Almost all phishing attacks that led to a
breach were followed with some form of
malware, and 28% of phishing breaches
“
IT’S NOT A
MATTER OF IF,
BUT A MATTER OF
WHEN, YOU WILL
BE SUCCESSFULLY
BREACHED.
INTELLIGENTCIO
95