The Vectra Networks™ Post-Intrusion Report (PIR) provides a first-hand analysis of active and persistent network threats inside an organization. This study takes a multidisciplinary approach that spans all strategic phases of a cyber attack, and as a result reveals trends related to malware behavior, attacker communication techniques, internal reconnaissance, lateral movement, and data exfiltration.
• 100% of the networks analyzed in the report exhibited one or more indicators of a targeted attack. • Targeted attack indicators were on the rise, led by a 580% increase in lateral movement techniques along with a 270% increase in internal reconnaissance. A spike in these behaviors may indicate that attackers are increasingly successful at penetrating perimeter defenses. • While command and control behaviors remained flat, the riskiest forms of command and control were on the rise with a marked increase in Tor as well as external remote access tools. • For the first time, Vectra was able to perform a study of hidden tunnels without the need to decrypt SSL. This analysis showed that HTTPS is the preferred vehicle over HTTP for hidden tunnels.
oops! It appears you have an ad blocker enabled. To register, please disable your ad blocker.