SIMonline

Service receive & sending SMS

Attacks inside IT networks

312   |     /   Security

Attacks inside IT networks
According to a new report published by Vectra, there is a key difference between attacks that examine IT networks for critical infrastructure information and those that actually target industrial control systems (ICS). A Spotlight 2018 report on energy and utilities found that most cyber attacks on utilities and utilities are occurring and succeeding within corporate IT networks, rather than critical infrastructure.



 virtual sim cards

According to these findings, the detection of hidden threats in enterprise IT networks before attackers can spy, spread and steal is becoming more critical, according to the report. Attackers choose the time and carefully conduct campaigns so that they occur within a few months.

As a result of analyzing specific actions of cybercriminals in recent campaigns used to steal important ICS information, the report found that “in several cases, the participants in the threats accessed workstations and servers on the corporate network that contained data output from ICS in production buildings energy. This is due to the suspicious administrator and the suspicious behavior of the Kerberos account. ”

Often over the course of several months, these slow, quiet reconnaissance missions include monitoring operator behavior and creating a unique attack plan. The study found that remote attackers entrenched themselves in networks with energy and utilities, creating malware to steal administrative credentials. Inside, they use administrative connections and protocols to conduct cross-section reconnaissance and distribution in search of confidential data on industrial control systems.

“The covert abuse of administrative authority gives attackers unrestricted access to critical infrastructure systems and data,” said David Monahan, managing director of security and risk management at Enterprise Management Associates. “This is one of the most important areas of risk in the life cycle of a cyber attack.”

A report based on observations and data published in the Black Hat Conference Edition on user behavior of the attack also found that during the attack phase with commands and control, 194 malicious external remote access behaviors were detected on 10,000 host devices and workloads Also, in each of the 10,000 host devices and workloads, 314 side attack movements were detected. And at the final stage of the attack life cycle at the stage of 10,000 host devices and workloads, an extrafiltration phase of 293 data smugglers was discovered.


Similar news


What to expect from VPN in 2020

Ten years ago, few people knew about virtual private networks. Today everyone knows about VPN importance and viability. It is not surprising that this is a growing market, and it is ready to continue its upward trend in the coming years.

7 sins of using the Internet at work

According to a new study, almost four out of five technology experts believe that employees put their companies at risk by not being able to act safely on the Internet.

Question and Answer Authentication

In information security, request-response authentication is a type of authentication protocol in which one entity represents a problem or question and another entity provides a valid authentication response. Request-response authentication is an authentication method used to confirm the identity of a user or other object requesting access to a computer, network, or other network resource. This ...



SIMONLINE.SU

This is not only a service for receiving and sending SMS messages to virtual numbers, but also a tutorial on user safety in the modern world, the latest developments in IT, social media security, fresh programs and lessons that simplify our lives. So are other issues encountered by the average user. In simple words, each user will find for themselves something interesting or answers to their questions.

SIMonline © 2018 - 2020

All rights reserved