Cyber Threat Life Cycle


A Target threat is when attackers make a conscious effort to attack a particular organization. So they take their time to study the origination systems and strategically plan the attack. There several common steps that an attacker takes during a targeted threat.

Several Steps in a Target Threat Life Cycle:

  1. External Reconnaissance occurs when attackers collect intelligence on HOW to successfully attack. The look for unpatched systems, ip address ranges, open ports and target endpoints.
  2. Breach (Penetration of the permitter) is achieved using one of the many tactics used to gain access such as : social engineering, phishing, vishing, brute force attacks, tailgating, drive by download ect. 
  3. Internal Reconnaissance is when the attackers collect intelligence on the internal system, by reviewing the system and search for admin accounts that they can hijack.
  4. Lateral Movement phase occurs when the attackers take control of the clients, servers, active directory domain controller. 
  5. Target Attainment  at this stage the attacker has a good handle on on IT systems and has installed the malware and gained access to several accounts, machines.
  6. Business Disruption, Exfiltration occurs when the attacker has achieved their end goal, which could be stealing data, corrupting systems or demanding ransom and disrupted business processes.
Businesses can mitigate the risks of a targeted threat by doing the following:

1. Assigning the least privileged access to users according to role based need. 

2. Maintaining anti-virus software to detect normal threats.

3. Instituting threat monitoring software or system that can detect irregular user behavior and access permissions.

4. Have a threat response plan or protocol in place to proactively shut systems down in order to actively stop an attack.

5. Backup data in case a a breach results in data loss or denial, you can retrieve the data from a recent backup.

6. Make sure you have a breach response plan in order to get appropriate legal advice, notify the appropriate parties, remediate risks to stakeholders and patch up vulnerabilities.




Comments

Post a Comment

all comments to this blog are moderated

Popular posts from this blog

Sample Privacy Risk Assesment Example and Explanation

Image
Privacy impact assessments (PIAs) are a tool that can be used to identify and reduce privacy risks. A PIAs can reduce the risks of harm to individuals by preventing the misuse of their personal information. PIAs are an integral part of taking a privacy by design ( PbD ) approach. They are used to design more efficient and effective processes for handling personal data. The use of PIAs is not something new, in fact the process has been used by a number of companies, entities and governments for over forty years now.  The PIA was created by the United States Office of Technology Assessment. The U.S. office of Management and Budget (OMB) publishes guidance on the implementation the privacy provisions by Federal Agencies under E-Government Act of 2002, including when to conduct a PIA. Under GDPR,  PIAs have become a centerpiece and necessary in certain situations. A PIA must be completed if a company is doing one of the following: Data controller or the data processor o
Read more

Preserving User Privacy in Digital Advertising: Navigating Consent and Privacy by Design

  By Victorianne Musonza #privacy-by-design #digitaladvertising #dataprivacy #CCPA #GDPR In the ever-evolving world of digital advertising, user consent, and data privacy should be an afterthought but rather something that is built into the design. As companies strive to engage consumers effectively, it is important to address these issues and implement robust mitigation strategies, all while embracing the concept of privacy by design. User consent is a major focus for data privacy in digital advertising. Consumers must have clear, transparent information about how their data is collected, used, and shared. By obtaining explicit consent, companies can establish trust and ensure that users are aware of the purpose and extent of data processing. This consent should be easily accessible, providing users with options to manage their preferences and exercise control over their personal information. However, obtaining mere consent is not enough; organizations must prioritize data privacy mit
Read more

Cross Border Transfer Mechanism: Model Clauses

A cross border transfer is one where the personal data is transferred from the EU to a country that is outside of the EU (EEA*). If the country where the data is transferred to does not have an adequate level of protection, a transfer mechanism must be used. Under GDPR, Model clauses are one of the many mechanism that can use used for cross border transfers . Model Clauses (Also known as Standard Clauses) are contractual clauses that are generally drafted and adopted a Data Protection Authority (DPA).  The Commission (One of the many EU governmental bodies) may also adopt Model Clauses, but have yet to do so. MCs set out the duties and obligations for both Controllers and Processors.  There are several noticeable differences between MCs and Binding Corporate Rules (BCRs): MCs require processors to provide an adequate level of protection of the personal data. MCs maybe used by unrelated entities. MCs do not require approval by the DPA.  MCs can not be altered and tailored.
Read more