‘Twas the Cyberattack Before Christmas
Authored by: Carolyn Crandall, Chief Security Advocate & CMO, Attivo Networks
‘Twas the night before Christmas, and all through the network,
Security was strong, leaving nothing to guesswork.
Lures and decoys were spread through the network with care,
So that any attackers would soon be ensnared.
The files and data were all safely secured,
Their protection from attackers was all but assured.
And the security pros who had worked hard all year
Knew the data was safe—there was nothing to fear.
Then out of the system arose an alarm,
And the team leapt to protect the network from harm.
Thanks to their tools they had great visibility,
To see what was disturbing the network’s tranquility.
What they found was their data all safely concealed,
And what triggered the alert was shortly revealed:
When the attackers had queried the Active Directory,
A decoy sent their attack on a brand-new trajectory.
Instead of receiving high-value credentials,
The attackers were isolated from network essentials.
Their celebration, it turns out, had been premature:
All that “valuable data” was merely a lure.
Even cunning attackers’ plans can be foiled,
Their plans for a payday effectively spoiled.
When the defenders returned to their holiday cheer,
They said what attackers all needed to hear:
“Whatever your methods, they’ll soon be subdued,
Credential theft, malware, and ransomware, too!
Deception and concealment are our favorite tools yet,
So, dash away, dash away, dash away threats!”
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise