Remote control: how an attacker’s actions are manipulated by deception
When we hear about cybersecurity incidents, it is mostly because an attacker is in the box seat and in control. Perhaps they have breached a company and exfiltrated data, or unleashed ransomware or some other type of malware payload.
By contrast, we often do not hear about attacks that have organisations have successfully repelled.
Within information security, there have been long-running efforts and investment to ‘turn the tables’ and put the balance of power back into the hands of defenders.
It leads to the question: to what extent can defenders guide – or even attempt to control – an attacker’s movements completely?
To answer this, one must first understand how an attacker approaches a target.
The MITRE ATT&CK framework is one way of understanding attack tactics and techniques. Its matrices offer a way to determine what steps a particular attack might follow and outcomes it might commonly lead to as a result.
Increasingly, attacks such as ransomware are targeted and surgical.
Full fabric deception platforms allow organisations to engage an attacker fully, gather intelligence, and then take that information and automate the incident response actions behind it.
Read the complete article by Jim Cook in IT Wire.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise