Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
USE THREAT INTELLIGENCE TO KNOW WHEN YOU’RE A TARGET
EMPLOY STRICT PATCHMANAGEMENT PROCESSES
LEVERAGE BATTLE-TESTED SECURITY TO REDUCE DWELL TIME
Quite simply, threat actors are
‘finding the slow gazelle’ in order
to know which environment is
most susceptible to attack.
TARGET OBSERVATION & SELECTION
It’s time to plot the attack. The
infiltrators organize their assets,
finalize their objective and ready
their salvo for deployment.
DROP THE CROSSHAIRS
They’ve quickly identified
a vulnerability within your
defense. It didn’t take long.
A breach is imminent.
TARGET YOUR WEAKNESS
Once identified, threat actors get to
work mapping and detailing your
network, users and any critical or
valuable data points that may be
leveraged for their operation.
MAP A BATTLE PLAN
Threat actors use gathered
intelligence and begin probing
identified access points that
may offer little resistance
to complete their objective.
BEGIN THE ATTACK
One of the most critical steps,
threat actors are careful to
mask their behavior and
obfuscate their identity as that
of a normal or authorized user.
HIDE INSIDENETWORK SHADOWS
They’re in. In fewer than six
hours, they’ve mapped your
network, identified weaknesses
and now have access.
LET THE DATA FLOW
Before they’ve even stolen your
data, they’re already planning
their escape. This is critical.
PLAN EXFILTRATION
It’s not bolted down? Steal it.
Assuming the threat actors
didn’t have a high-value target
(e.g., credit cards, ePHI, EMR, PII)
already in mind, they’ll likely
take as much data as possible
and organize it later.
STEAL EVERYTHING
It’s time to execute the
exfiltration plan. They have
your data and now it’s time
to cut bait and get paid.
WALK OUT THEFRONT DOOR
You know what’s even more
valuable? An unlocked
backdoor. Savvy threat actors
will set up a path for future
access for additional gains.
SET UP FUTURE ACCESS
If they didn’t already have a
pre-arranged buyer, threat actors
begin selling off your data — and
that of your customers — to the
highest bidders on Dark Web
message boards, chat rooms,
auctions, paste sites and other
nefarious communities.
SELL YOUR SECRETS
US DataVault.com | 615-933-USDV (8738) |
@usdv_mhs
1200
FIGHT BACK?HOW DO YOU
Once a threat actor is inside your environment, they’re
purposeful, strategic and discreet. But how are they so
decisive and successful? Follow their eye-opening
hour-by-hour journey through your “secure” environment.
THE HOUR-BY-HOUR BREAKDOWN OF A THREAT ACTOR INSIDE YOUR ENVIRONMENT
xxx xxx
0400
0800
0100
0200
0300
0600
0700
0900
1000
0500
1100