The anatomy of an endpoint attack

2020-10-12 04:30

Take the massive Norsk Hydro ransomware attack as an example: The initial infection occurred three months prior to the attacker executing the ransomware and locking down much of the manufacturer's computer systems.

What exactly are attackers doing with that time? How do they make their way onto the endpoint undetected?

These fileless malware attacks can range from difficult to impossible to detect with traditional endpoint anti-malware engines that rely on scanning files to identify threats.

Without the victim changing the stolen credentials, the attacker could have likely re-initiated their attack at-will.

No matter the size of an organization, it's important to adopt a layered security approach that can detect and stop modern endpoint attacks.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/RXuywaS81_U/

#attack #endpoint