You don't have to look very far to find an example of a malicious cyberattack. For example, the June 2017 hack of password manager OneLogin. Intruders accessed a set of Amazon Web Services (AWS) keys and were able to unencrypt data that was assumed to be secure. What makes this breach even scarier is that many people who use a password manager like OneLogin don't just use it for personal passwords. They use it for work passwords, too.
Knowing that the potential for a breach lies both within your business infrastructure and through employees as a point of access should spur any organization into getting serious about understanding how security is compromised. One of the best places to start is by arming yourself with a baseline understanding of the tactics used by cybercriminals.
The first step in understanding these tactics is educating yourself about the types of attacks that can occur. The two most common are web application compromises (usually seen in the finance, entertainment, and education industries) and distributed denial of service (DDoS) attacks (prevalent across every industry).
The next step is to understand the stages of a breach. Although the types of compromises can vary, most attacks involve the following stages:
- Reconnaissance - Forming the attack strategy.
- Scan - Searching for vulnerabilities.
- Exploit - Beginning the attack.
- Access Maintenance - Gathering as much data as possible.
- Exfiltration - Stealing sensitive data.
- Identification Prevention - Disguising presence to maintain access.