
The MITRE ATT&CK Framework: Exfiltration

posted on September 25, 2018
by l33tdawg
Credit: Tripwire

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage.

Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating data from the enterprise.

In cases where data is being exfiltrated over the network, a network intrusion detection or prevention system can help identify when data is being transferred, especially when attackers are stealing large amounts of data, such as a customer database. Even open source tools such as Bro IDS are a great alternative if there is no budget for a commercial solution.
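As an illustration of the kind of check described above, the following added example (not from the original article or from Tripwire) sums outbound bytes per internal-to-external host pair from a Bro `conn.log` and flags pairs above a threshold. The internal address ranges, the 500 MiB threshold and the sample log records are assumptions constructed for the example.

```python
import ipaddress
from collections import defaultdict

# Assumption: these ranges are "inside" the enterprise; adjust to the real address plan.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in Bro conn.log TSV layout, trimmed to the columns used below.
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.resp_h\tid.resp_p\tproto\torig_bytes\tresp_bytes",
    "1537862400.0\tCa1\t10.0.0.5\t203.0.113.10\t443\ttcp\t734003200\t52000",
    "1537862460.0\tCa2\t10.0.0.6\t198.51.100.20\t443\ttcp\t314572800\t4100",
    "1537862520.0\tCa3\t10.0.0.6\t198.51.100.20\t443\ttcp\t314572800\t3900",
    "1537862580.0\tCa4\t10.0.0.7\t198.51.100.20\t80\ttcp\t20480\t1048576",
    "1537862640.0\tCa5\t10.0.0.7\t198.51.100.20\t80\ttcp\t-\t-",
    "1537862700.0\tCa6\t10.0.0.8\t10.0.0.9\t445\ttcp\t2147483648\t900",
    "#close\t2018-09-25-09-00-00",
])

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def parse_conn_log(text):
    """Yield one dict per record, using the #fields header for column names."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split("\t")))

def flag_large_transfers(text, threshold_bytes):
    """Return (src, dst, total_bytes) for internal-to-external pairs over the threshold."""
    totals = defaultdict(int)
    for rec in parse_conn_log(text):
        sent = rec.get("orig_bytes", "-")
        if sent == "-":  # Bro writes "-" for unset values
            continue
        src, dst = rec["id.orig_h"], rec["id.resp_h"]
        if is_internal(src) and not is_internal(dst):
            totals[(src, dst)] += int(sent)  # sum across connections, not per connection
    hits = [(s, d, n) for (s, d), n in totals.items() if n >= threshold_bytes]
    return sorted(hits, key=lambda h: h[2], reverse=True)

if __name__ == "__main__":
    for src, dst, total in flag_large_transfers(SAMPLE_CONN_LOG, 500 * 1024**2):
        print(f"{src} -> {dst}: {total / 1024**2:.0f} MiB sent outbound")
```

In the sample, 10.0.0.6 is flagged only because its two 300 MiB connections are summed, and the large internal-to-internal transfer is ignored.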
