Adarma Cyber Insiders Vol 3 Digital spreads FINAL 2 - Flipbook - Page 46
WHAT IS AN ATTACKER'S NEXT MOVE?

After breaching your defences, a threat actor will often use a tactic called lateral movement to venture further into the environment in search of sensitive data or other high-value assets. Administrative accounts are a prime target: they grant the attacker greater control over the company's digital estate, whether for data exfiltration or as a precursor to a ransomware attack. With that level of access the attacker can also escalate privileges further and discreetly disable security controls to maintain ongoing access.

To increase dwell time and evade detection, threat actors will then seek to compromise an endpoint that is not monitored or has no security controls in place. This digital blind spot means that even if the originally infected endpoint is discovered and cleaned, the attacker can retreat to another machine. From this relatively safe vantage point, they can continue to scope and map out the network, its users and its devices.

If not ejected quickly, an attacker could lurk for days or weeks in the network before launching an attack or quietly stealing data.
STEALING THE KEYS TO THE CASTLE

Once established inside the network, the attacker may use key-logging tools or social engineering techniques, such as phishing and typo-squatted look-alike domains, to obtain the credentials that will allow them to bypass security controls and navigate freely through the network.

With these digital keys, the attacker can manipulate a compromised machine to disable security controls such as anti-virus or EDR, establish secondary access points or, in the case of ransomware groups, prepare a scorched-earth scenario to be triggered if their access is lost.
These activities can be difficult to detect because they often resemble normal network traffic: the attacker is using legitimate credentials to do things legitimate users also do. However, attackers are not infallible and do make mistakes that trigger alerts. Nonetheless, if those alerts are not properly investigated or triaged, each one may be treated as an isolated event rather than linked to a more significant ongoing attack.
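The two defensive points this page makes, finding the unmonitored endpoints an attacker would shelter on and linking individually unremarkable alerts into one lateral-movement incident, can be shown in a short triage script. The following is an added example written for this page, not code from the article or from Adarma; the host names, account names, alert records and alert field names (ts, host, user, type, src, target) are all constructed for illustration and do not follow any vendor's schema. It assumes you can export an asset inventory and the list of hosts the EDR console has heard from, and a batch of alerts with a timestamp, observing host, account and any remote host involved.

```python
"""Surface EDR blind spots and chain related alerts into one incident.

Constructed example: every host, account and alert below is invented.
Field names are assumptions, not a real product's export format.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed asset inventory (what the organisation owns) versus the hosts
# that have actually checked in to the EDR console. The difference is the
# "digital blind spot" an attacker looks for.
INVENTORY = {"WS-101", "WS-102", "WS-203", "FS-01", "DC-01"}
EDR_ENROLLED = {"WS-101", "WS-102", "FS-01", "DC-01"}

# Alert types that indicate the attacker is switching off security controls.
DEFENSE_EVASION = {"edr_service_stopped", "av_disabled"}
# Two alerts further apart than this are never linked directly (assumption).
WINDOW = timedelta(hours=24)

# Constructed alerts. Each one on its own looks like a routine, low-severity
# event; "src" and "target" name a remote host seen from the observing host.
ALERTS = [
    {"ts": "2024-03-04T09:02:11", "host": "WS-101", "user": "j.doe",
     "type": "phishing_attachment_opened"},
    {"ts": "2024-03-04T09:40:52", "host": "WS-101", "user": "j.doe",
     "type": "credential_dumping_tool"},
    {"ts": "2024-03-04T10:15:03", "host": "FS-01", "user": "svc_backup",
     "type": "inbound_admin_logon", "src": "WS-101"},
    # WS-203 has no EDR agent, so this hop is only visible from FS-01's side.
    {"ts": "2024-03-04T10:31:47", "host": "FS-01", "user": "svc_backup",
     "type": "outbound_rdp", "target": "WS-203"},
    {"ts": "2024-03-04T11:05:20", "host": "DC-01", "user": "svc_backup",
     "type": "inbound_admin_logon", "src": "WS-203"},
    {"ts": "2024-03-04T11:20:41", "host": "DC-01", "user": "svc_backup",
     "type": "edr_service_stopped"},
    # Unrelated noise two days later on a different host and account.
    {"ts": "2024-03-06T08:00:00", "host": "WS-102", "user": "a.smith",
     "type": "phishing_attachment_opened"},
]


def unmonitored_endpoints(inventory, enrolled):
    """Hosts the organisation owns but that no EDR agent reports from."""
    return sorted(set(inventory) - set(enrolled))


def _touched(alert):
    """Every host an alert involves: where it was observed plus any remote host."""
    return {alert[k] for k in ("host", "src", "target") if alert.get(k)}


def _related(a, b):
    """Two alerts are linked if close in time and they share an account or a host."""
    ta, tb = datetime.fromisoformat(a["ts"]), datetime.fromisoformat(b["ts"])
    if abs(ta - tb) > WINDOW:
        return False
    return a["user"] == b["user"] or bool(_touched(a) & _touched(b))


def correlate(alerts, unmonitored):
    """Group alerts transitively (union-find) and summarise each group.

    A group spanning more than one host is reported as lateral movement; the
    summary also notes any blind-spot hosts it touches and any defence-evasion
    alerts it contains, which is what turns "isolated" alerts into one incident.
    """
    parent = list(range(len(alerts)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    for i in range(len(alerts)):
        for j in range(i + 1, len(alerts)):
            if _related(alerts[i], alerts[j]):
                parent[find(i)] = find(j)

    groups = defaultdict(list)
    for i, alert in enumerate(alerts):
        groups[find(i)].append(alert)

    incidents = []
    for members in groups.values():
        members.sort(key=lambda a: a["ts"])
        hosts = set().union(*(_touched(a) for a in members))
        incidents.append({
            "alerts": len(members),
            "hosts": sorted(hosts),
            "users": sorted({a["user"] for a in members}),
            "lateral_movement": len(hosts) > 1,
            "blind_spot_hosts": sorted(hosts & set(unmonitored)),
            "defense_evasion": sorted({a["type"] for a in members} & DEFENSE_EVASION),
        })
    incidents.sort(key=lambda inc: -inc["alerts"])
    return incidents


if __name__ == "__main__":
    blind = unmonitored_endpoints(INVENTORY, EDR_ENROLLED)
    print("Unmonitored endpoints:", blind)
    for inc in correlate(ALERTS, blind):
        print(inc)
```

Run stand-alone, the script reports WS-203 as the unmonitored host, then one six-alert incident that crosses WS-101, FS-01, WS-203 and DC-01 under the svc_backup account, passes through the blind-spot host and ends with the EDR service being stopped, and a second single-alert group on WS-102 that is not lateral movement. The linking rule (shared account or shared host within a time window) is deliberately simple; in a real pipeline the same idea is applied over the SIEM's normalised fields, and a chain that touches an unmonitored host or contains a defence-evasion alert is the one to escalate rather than close as isolated.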