|24 Jan 2011||#1|
| || |
How Attackers Steal Your Data
Pulling valuable data out of corporate networks is the end goal of many, if not most, attacks these days and the tactics that attackers use to get into their targets are fairly well understood and publicized. But it's not often that you get a look at the way that the data is actually removed from the victims' networks.
Two security consultants from Mandiant presented a fascinating view at Black Hat DC here this week of the methods that attackers are using to exfiltrate the data that they steal from their targets. Many of the methods are what one would expect, but in the case studies that Ryan Kazanciyan and Sean Coyne discussed in their talk, there often was a simple twist that make the operation more effective.
The general scenario that the pair outlined for long-term data-stealing operations was a familiar, logical one. The attacker finds a way into the network, often through a highly targeted spear phishing email containing a PDF or Word document with an exploit in it, and gets a foothold on a client machine. He then uses another exploit to escalate his privileges and move to another machine, looking for a PC with valuable data in the form of documents, spreadsheets, financial information or whatever else is available. That data is then moved to a staging area on the network until the attacker packages it up and sends it out.
|My System Specs|
|Similar help and support threads for2: How Attackers Steal Your Data|
|Extreme Situation- Did someone try to steal my computer?||Hardware & Devices|
|Firefox Extension Allows Anyone to Steal Logins over Insecure Networks||System Security|
|I want calculator to steal focus!||General Discussion|
|Ultimate Steal?||Microsoft Office|
|Attackers going after end users rather than servers.||Security News|
|Ultimate Steal question||General Discussion|
|ultimate steal Problems||Installation & Setup|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 10:10 AM.