In the world of cyber security, a single defeat can be extremely costly. Before you create a plan, it’s vital to learn about the anatomy of a data breach – and understand who your attackers are.
In a standard data breach, the type that occurs between 80 and 90 million times per year, there are roughly 6 essential steps, each of which will be outlined below. It’s time for a quick anatomy lesson to strengthen your cyber security program:
The Anatomy of a Data Breach
2. Cyber attackers do considerable research on your company. Isn’t it time you return the favor, and find out what makes them tick before a data breach occurs?
3. In a standard data breach, the type that occurs between 80 and 90 million times per year*, there are roughly 6 essential steps, each of which will be outlined in the following slides.
*Data Source: welivesecurity
6. There are a number of tools that cyber attackers use to learn about your network - before they ever launch a threat. During a passive recon exercise, attackers use tools such as Netcraft to learn about a site’s web server, IP addresses and the date last changed.
7. Active recon is riskier and requires an active connection between the attacker and the target. Tools such as Nmap enable attackers to view your site’s open ports and the specific details about your operating system.
9. 52% of cyber attacks occur because of human error*. Cyber attackers exploit these weaknesses using social engineering to trick people into breaking standard security protocols.
*Data Source: SC Magazine
10. One of the most common social engineering attacks is phishing. Attackers set up legitimate-looking emails or websites that deceive users into clicking on malicious links, which create a door for attackers to walk through.
12. When attackers gain access to a user’s workspace, they immediately start studying the surrounding environment. The most valuable data isn’t usually on a user endpoint; attackers must dig deeper to find what they’re looking for.
14. After studying the surrounding workstations, attackers move laterally throughout the network. This step is repeated until the attacker reaches the end goal.
15. Lateral movement requires that attackers compromise more user domains and escalate privileges as the target server comes into view.
17. Lateral movement continues until attackers reach the server containing the sensitive data they’ve been searching for. Many companies leave their core servers insufficiently protected, thinking that their perimeter measures will keep attackers out.
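From the defender's side, the repeated hop-by-hop movement in slides 14 to 17 leaves a trail in remote logon records that can be stitched back into a path. The Python sketch below is an added example, not part of the original slides; the event tuples, host names, account names and the `SENSITIVE` set are constructed assumptions.

```python
# Added example: trace logon hop chains that end on a sensitive server.
# All events, host names and account names below are constructed sample data.

# (minute, source_host, dest_host, account) for each successful remote logon
EVENTS = [
    (1, "ws-12", "ws-17", "jdoe"),
    (3, "ws-30", "print-01", "asmith"),
    (9, "ws-17", "app-03", "svc_backup"),
    (14, "app-03", "db-01", "dbadmin"),
    (20, "ws-44", "db-01", "dbadmin"),
]
SENSITIVE = {"db-01"}  # assumption: hosts known to hold sensitive data


def lateral_paths(events, sensitive, min_hops=2):
    """Return time-ordered hop chains of >= min_hops that end on a sensitive host."""
    best = {}   # host -> longest chain of hops seen arriving at that host
    found = []
    for event in sorted(events):              # process in time order
        _, src, dst, _ = event
        chain = best.get(src, []) + [event]   # extend whatever reached src earlier
        if len(chain) > len(best.get(dst, [])):
            best[dst] = chain
        if dst in sensitive and len(chain) >= min_hops:
            found.append(chain)
    return found


def summarize(chain):
    """Condense a chain into the host path, accounts used, and elapsed minutes."""
    path = [chain[0][1]] + [hop[2] for hop in chain]
    accounts = list(dict.fromkeys(hop[3] for hop in chain))  # ordered, de-duplicated
    return {"path": path, "accounts": accounts,
            "minutes": chain[-1][0] - chain[0][0]}


if __name__ == "__main__":
    for chain in lateral_paths(EVENTS, SENSITIVE):
        print(summarize(chain))
```

A single direct logon to the sensitive host (the `ws-44` event) is not reported; only chains of two or more hops are, and a change of account along the path is the privilege-escalation signal described in slide 15.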
19. This is when attackers have reached their end goal, and suddenly they’re on a time clock... one that’s getting shorter now as the white hats get smarter.
20. The longer attackers spend in the network, the greater their risk of detection. They need to copy sensitive data, and send it off to an external command and control server as quickly as possible.
21. Preventing the Next Data Breach: Get Out Ahead of Your Enemy
By implementing deception technology and understanding the steps leading up to a data breach, you can be proactive in your cyber security measures.