Advanced Targeted Attacks — The Attack Lifecycle

Copyright (c) 2012, FireEye, Inc. All rights reserved. | CONFIDENTIAL

Jan 30, 2018


trandieu

Today’s Cybercriminal Profile

•  Armed with drag and drop toolkits
•  Committed to multi-stage, multi-vector plan of attack
•  Goal to breach defenses to obtain valuable information


STAGE 1: System Exploitation

•  Drive-by attacks and casual browsing
•  Delivered via Web or email
•  Blended attack across multiple threat vectors


STAGE 2: Binary Payloads Downloaded, Long-Term Control Established

•  Additional malware binaries downloaded
•  One exploit equals dozens of infections on same system
•  Criminals establish long-term control mechanisms


STAGE 3: Malware Callbacks

•  Malware calls criminal servers for instruction

•  Replicates and disguises itself to avoid scans

•  Malware communications allowed through firewall


STAGE 4: Data Exfiltration

•  Acquired data staged for exfiltration
•  Exfiltrated over common protocols
•  Arrives at external server controlled by criminal


STAGE 5: Malware Spreads Laterally

•  Establish long-term network control
•  Malware spreads laterally
•  Conducts reconnaissance


FireEye Malware Protection System

•  Next generation, advanced threat protection
•  Industry’s only fully integrated solution
•  Protects against advanced attacks across multiple vectors
•  Addresses all stages of advanced attack lifecycle
•  Effective against advanced persistent targeted attacks