Security News > 2021 > July > Data Exfiltration: What You Should Know to Prevent It

Data Exfiltration: What You Should Know to Prevent It
2021-07-01 13:00

Many data leaks are the result of data exfiltration or the illegal transfer of data from a device containing sensitive information to unauthorized parties.

Also known as data exportation, data extrusion or simply data theft, data exfiltration is one of the final stages of the cyber kill-chain and the most important objective of advanced persistent threats.

Once the critical data and assets are discovered, data-exfiltration techniques are initiated to transfer the data to the threat actor's C2 server.

Once the data transmission is complete, the attackers take the server offline to evade detection and move the stolen data to an offline repository.

Data exfiltration can be difficult to detect because it involves moving data within and outside a company's network.

Unsuccessful detection results in substantial data loss incidents flying under the radar until data exfiltration has already been completed.


News URL

https://threatpost.com/data-exfiltration-prevent-it/167413/