By Joseph Carson, Head of Product and Cyber Expert, Arellia
Every advanced persistent threat uses application vulnerabilities and privileged accounts to gain access so they can reach their target and carry out fraudulent or malicious activity. To mitigate against these threats means getting visibility on who has privileged access and which systems pose the highest risk that can download and install applications from the internet without proper security controls to prevent you from being the next victim of cyber-crime.
- Discover and reduce privileged users/accounts
- Before allowing applications to install or execute check if it is safe
- Continuous protection and detection against cyber threats
Cyber threats are real and everyone is a target. No one is excluded and you must take action to understand what these risks are and how they impact your business. Cyber security awareness and training should now become mandatory to anyone who is operating computer resources or technology that is critical to business functions. The biggest threats today are targeted phishing and advanced persistent threats that target valuable assets of an organisation and they use multiple hacking stages in order to carry out their work. These stages include:
- Gaining access
- Pivot building
- Privilege escalation
- Maintaining access
- Malicious activity
- Covering tracks
Reconnaissance is a stage for learning as much about the organisation as possible with information that is already available on the public internet. Gaining access typically uses targeted phishing attacks or known vulnerabilities in systems and applications that allow an attacker to gain access and get through the perimeter security defences followed by discovering the network. The difference between a low severity breach and a high severity breach is the privileged account that has been compromised. The privilege escalation stage of the attack determines how damaging a cyber breach will impact the organisation; this is the difference between compromising a single device or users credentials and the entire organisation. Once a privileged account is compromised the attacker can carry out the next phases of the attack to maintain access, carry out fraudulent activities, ransomware, stealing sensitive data or malicious activity.
Arellia can help organisations protect and detect against these cyber threats by mitigating gaining access, system vulnerabilities, discovering and mitigating privileged accounts and making maintaining access more difficult for an attacker.
Learn more about how Arellia can help your organisation mitigate against cyber threats by going to www.arellia.com