As the shelter-in-place (SIP) rages on within California, the Bay Area and its workers are forced to continue working remotely. At times, it feels like our world has drastically changed. Despite how mixed up everything may seem, it appears to be business as usual for robocalls, scammers, and hackers.
Known to the cybersecurity landscape as a “lateral movement” or “lateral attack,” the breach and move attack method has become a favorite for hackers today. These attacks will typically target business supply chains in hopes of gaining access to their desired end target. One of the more famous lateral attacks was in 2013 when the department store Target was breached by hackers. The hackers were able to infiltrate Target’s HVAC System Software. From there they were able to travel within the network and steal credit card data from unknowing customers.
Research performed by Carbon Black in 2019 found that 70% of all cyberattacks seen today involve some form of lateral movement. At Clare Computer Solutions, we offer solutions that work to prevent these attacks. By actively preventing and containing any possible movement, we can mitigate or minimize the amount of damage the breach can cause. Solutions to minimize this lateral movement must break up patterns of lateral movement through segmentation that walls off data into distinct areas. Companies need to take a more proactive approach to security and understand that when hackers or bad actors breach your network, the breach point is not always their primary objective. Often it is the more valuable target downstream that they are hunting for.
Four Seconds of Danger
Lateral attacks breach business systems in under four seconds. With the help of a successful phishing attempt, these attacks can pivot and start seeking their real target. Lateral attacks are purpose-built for speed, while more complex attacks take longer to set up and execute. What can you do to halt lateral movement in your network?
Many of these attacks achieve their goal by breaking into a downstream web server, email account, employee workstation, or other network location. By moving laterally from the initial breach location, they can cause severe damage to your network and its systems. By implementing Clare Computer Solutions NetCentral Secure Services, we can discover and address these lateral attacks at earlier stages before cybercriminals can harm end targets.
What can businesses do to minimize their risk?
- Update Endpoint Security
The reasoning behind these targeted attacks on organizations is simple. By infecting only one device, bad actors make their activity less noticeable to security tools or teams, like allowing them to slip in unnoticed with a targeted phishing attack versus a distributed denial-of-service (DDoS) attack. Begin to reassess your security strategy, ensuring your business is using the most effective approach possible. The need to start including both prevention technology to stop intrusion attempts and endpoint detection and response (EDR) to detect and respond to any suspicious activity has arrived. It has become crucial to businesses today. Adopting both capabilities is an essential first step for any organization looking to protect its data. - Best Defense Is a Good Offense
The best possible defense is to eliminate these attacks before they strike. Businesses need to augment their internal teams with tools or services that actively monitor for and search for all threats, hidden or not. Managing any unpatched systems or software prevents critical vulnerabilities from being exploited. Unfortunately for many, it is no longer good enough to only have strong threat prevention. Businesses must remain vigilant about identifying the warning signs before being blindsided. - Maintain Proper IT Hygiene
Organizations need a solution capable of capturing unexpected logins, suspicious remote access, or permission alerting. By evaluating the possibility of a breach, given the current protection, provides a picture of what data is out there on the internet and how to prevent these leaks from occurring. Businesses can use the easiest and most effective way to reduce lateral movement attacks by implementing greater protections like patch management, regular security assessments, and endpoint protection solutions.
For businesses today, the challenge is two-fold. Stop the breach before occurring, or if something does occur, have sufficient internal protections in place to stop further harm across your business.
Wish to evaluate your cybersecurity efforts?
Schedule an evaluation of your business’s cybersecurity – contact Clare Computer Solutions to get started.
