cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Data Exfiltration within five hours of access by hackers

Hi All

 

An interesting reports on data exfiltration, stating that on average this will occur within five hours of a success access to an organisations crown jewels:  https://www-computerweekly-com.cdn.ampproject.org/c/s/www.computerweekly.com/news/252525373/Most-hac...

 

So if you are not prepared, be prepared to for this to occur.    Phishing and Social Engineering appears to be best avenues.

 

Regards

 

Caute_Cautim

2 Replies
JKWiniger
Community Champion

What has always surprised me is that companies don't seem to be using DLP solutions with rate limiters. Or better yet, is there a DLP or other solution that required approval to exfiltrate data above a set amount? It seems like it would be very hard to request that access if I person knows they will need it and it wouldn't seem like it would be a regular occurrence. And yes, you things like streaming services that do more large amounts of data but there again you could have things locked down so data could only be sent out certain addresses and ports by certain processes. Who am I kidding if we can't get places to do simple updates and backups how would this ever happen!

 

John-

Beads
Advocate I

I've had this discussion many times with many clients, their designers aka "architects", engineers and business executives all with similar excuses. That is until I am conducting a post mortem from the last time this happened and now they need help.

 

- B/Eads