Anatomy of a Cyber Attack - Insights into Attack Methods

information security policy office n.w
1 / 9
Embed
Share

Explore the anatomy of cyber attacks including attacker characteristics, steps in gaining access, and actions on objectives. Understand the evolving trends in cyber threats and the importance of defense strategies. Stay informed to enhance your organization's security posture.

  • Cybersecurity
  • Attack Methods
  • Threat Detection
  • Defense Strategies
  • Secure Networks
rayaanacharya
kare_385 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Information Security & Policy Office Anatomy of a Cyber Attack Tech Forum June 5, 2023

  2. Characteristics Attacker groups & economies Ransomware, credential stealers, etc. Hacking groups & social media Diversity of objectives Financial Gain Nation-State Activity Hacktivism Just For Fun Act Observe Decide Orient Non-linear activities OODA Loops! Information Security & Policy Office

  3. Steps Attacker attempts to gain & maintain initial access to the target environment Initial Foothold Attacker attempts to move inside the environment towards targeted systems or data Network Propagation Attacker performs the necessary actions within the environment to accomplish their objectives Action on Objectives Paul Pols, Unified Kill Chain Information Security & Policy Office

  4. Initial Foothold Reconnaissance Exploitation Social Engineering Vulnerability System Access Persistence Evasion Command & Control Information Security & Policy Office

  5. Network Propagation Pivoting Discovery Privilege Escalation Initial Foothold Other Systems Execution Credential Access Lateral Movement Information Security & Policy Office

  6. Action on Objectives Collection Exfiltration Action Impact Sensitive data is exfiltrated (extortion, collection) A system is configured to disrupt services Information Security & Policy Office

  7. Observations Growing preference to live off the land It looks pretty normal; less-likely to trigger alerting Requires greater monitoring of common privileged actions (whoami) Social engineering is cost-effective We get phished for the same reason we still get spam email It becomes less-effective if the credential isn t as useful Zero-Day exploitation exists Defense in Depth Information Security & Policy Office

  8. Information Security & Policy Office it-security@uiowa.edu 319-335-6332 QUESTIONS?

Related


Types Cyber Attacks: Cyber Security Training Workshop

Types Cyber Attacks: Cyber Security Training Workshop

anara
Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

Cyber Security Toolkit for Boards: Comprehensive Briefings and Key Questions

adalwolf
Artificial Intelligence in Cyber Security: Enhancing Threat Detection and Response

Artificial Intelligence in Cyber Security: Enhancing Threat Detection and Response

annabelle
Top Malware Protection Services in Dallas - Keep Your Business Safe

Top Malware Protection Services in Dallas - Keep Your Business Safe

Black
Cyber Data Breach Review_ A Comprehensive Insight with LDM Global in the USA

Cyber Data Breach Review_ A Comprehensive Insight with LDM Global in the USA

LdM
Top Cyber MSP Services in Dallas for Ultimate Security

Top Cyber MSP Services in Dallas for Ultimate Security

Black
Enhance Your Protection with MDR Cyber Security Services in Dallas

Enhance Your Protection with MDR Cyber Security Services in Dallas

Black
Cyber Crimes and Remedies in Gangtok by Himanshu Dhawan

Cyber Crimes and Remedies in Gangtok by Himanshu Dhawan

fern
Guide to Cyber Essentials Plus and IASME Gold Certification

Guide to Cyber Essentials Plus and IASME Gold Certification

eros
Cyber Laws in India

Cyber Laws in India

amoura
Managing Covid-19 Cyber and Data Protection Risks

Managing Covid-19 Cyber and Data Protection Risks

kaisen
First Nations Attack on Fort Michilimackinac 1763: Causes, Tribes, and Aftermath

First Nations Attack on Fort Michilimackinac 1763: Causes, Tribes, and Aftermath

aleia
Enhancing Cybersecurity for Windows Infrastructure: A Practical Guide

Enhancing Cybersecurity for Windows Infrastructure: A Practical Guide

marni
State Cyber Incident IT Q&A Call - July 30, 2019

State Cyber Incident IT Q&A Call - July 30, 2019

agustine
Cyber Security and Risks

Cyber Security and Risks

kathryn
Overview of Cyber Operations and Security Threats

Overview of Cyber Operations and Security Threats

joan
Duane Wolf Attack Simulation Study: Insights for Law Enforcement Officers

Duane Wolf Attack Simulation Study: Insights for Law Enforcement Officers

karol
Cyber Threat Assessment and DBT Methodologies

Cyber Threat Assessment and DBT Methodologies

jgra
Cyber Risk and Reinsurance Implications: A Comprehensive Analysis

Cyber Risk and Reinsurance Implications: A Comprehensive Analysis

vannatta_y
Addressing Cyber Risks in Professional Indemnity Insurance for Law Firms

Addressing Cyber Risks in Professional Indemnity Insurance for Law Firms

boak_ane
Cyber Insurance SIG Achievements and Plans

Cyber Insurance SIG Achievements and Plans

shol
Cyber Survivability Test & Evaluation Overview

Cyber Survivability Test & Evaluation Overview

gwe_pyb

More Related Content