AUGUST 2013
H
business elite canada
75
a Cyber Attack
OCAL
THODS
TWORK
THODS
USER/GROUP ACCOUNTS
DOC/MAILBOX/TEXT SEARCH
KEY LOGGING
UN/POORLY PATCHED
ARP HIJACK/MITM
POORLY PROTECTED SHARES
PASSWORD CRACKING/SAM
BROAD SCANNING
L ANALYSIS
to
About You’
LATERAL ACCESS
to
‘Secret Sauce’
ONGOING EDUCATION
DATA EXFILTRATION
Sniffing | Brute Force
LDAP | FTP | SHL | SNMP | Net Bios | Anti-Virus | Email
INFILTRATE
Establish beach head
in target organization
EXPLORE
Locate core assets and
valuable information
EXPAND
Mulitple penetration
points and continue to
gather information
EXFILTRATE
Information for profit,
economic/politcal gain,
brand destabilization
states are oftentimes there to
acquire information, and in-
clude national governments.
And the hackers’ main mis-
sion is to shut down and dis-
rupt business.
Haynes says there is a simple
method to hacking an organi-
zation’s network.
“What the [threat actors] have
to ensure is that their exploit
has never been seen before,”
says Haynes. “All you have
to do is change it enough so
that it has a different DNA-like
signature, and it goes straight
through.”
