Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

The Anatomy of a Data Breach

2 248 vues

Publié le

In the world of cyber security, a single defeat can be extremely costly.Before you create a plan, it’s vital to learn about the anatomy of a data breach – and understand who your attackers are.
In a standard data breach, the type that occurs between 80 to 90 million times per year, there are roughly 6 essential steps, each of which will be outlined below. It’s time for a quick anatomy lesson to strengthen your cyber security program:

Publié dans : Technologie
  • Soyez le premier à commenter

The Anatomy of a Data Breach

  1. 1. Isn’t it time you return the favor, and find out what makes them tick before a data breach occurs? Cyber attackers do considerable research on your company.
  2. 2. In a standard data breach, there are roughly 6 essential steps, each of which will be outlined in the following slides. the type that occurs between 80 to 90 million times per year* *Data Source: welivesecurity
  3. 3. to strengthen your It’s time for a quick anatomy lesson cyber security program...
  4. 4. Active/Passive External Reconnaissance Step 1
  5. 5. During a passive recon exercise, attackers use tools such as Netcraft to learn about a site’s web server, IP addresses and the date last changed. There are a number of tools that cyber attackers use to learn about your network - before they ever launch a threat.
  6. 6. Tools such as Nmap enable attackers to view your site’s open ports and the specific details about your operating system. Active recon is riskier and requires an active connection between the attacker and the target.
  7. 7. Social Engineering and Phishing: Gaining Access Step 2
  8. 8. Cyber attackers exploit these weaknesses using social engineering to trick people into breaking standard security protocols. 52% of cyber attacks occur because of human error* *Data Source: SC Magazine
  9. 9. Attackers set up legitimate-looking emails or websites that deceive users into clicking on malicious links, which create a door for attackers to walk through. One of the most common social engineering attacks is phishing.
  10. 10. Internal Reconnaissance: Always Learning More Step 3
  11. 11. The most valuable data isn’t usually on a user endpoint; attackers must dig deeper to find what they’re looking for. When attackers gain access to a user’s workspace, they immediately start studying the surrounding environment.
  12. 12. Moving Laterally: Getting Closer to the Goal Step 4
  13. 13. After studying the surrounding workstations, attackers move laterally throughout the network. This step is repeated until the attacker reaches the end goal.
  14. 14. Lateral movement requires that attackers compromise more user domains and escalate privileges as the target server comes into view.
  15. 15. Hitting the Jackpot Step 5
  16. 16. Many companies leave their core servers insufficiently protected, thinking that their perimeter measures will keep attackers out. Lateral movement continues until attackers reach the server containing the sensitive data they’ve been searching for.
  17. 17. Exfiltration: Getting Out Alive Step 6
  18. 18. one that’s getting shorter now as the white hats get smarter This is when attackers have reached their end goal, and suddenly they’re on a time clock...
  19. 19. They need to copy sensitive data, and send it off to an external command and control server as quickly as possible. The longer attackers spend in the network, the greater their risk of detection.
  20. 20. By implementing deception technology and understanding the steps leading up to a data breach, you can be proactive in your cyber security measures. Preventing the Next Data Breach: Get Out Ahead of Your Enemy
  21. 21. Request a Demo

×