"CISA Issues Mitigation Tips for Common Attack Tactics"
The U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has made high-level recommendations for mitigating six stages of a sample attack pathway. The six stages identified by CISA are initial access, command and control, lateral movement, privilege escalation, collection, and exfiltration. The agency showed how successful an adversary could be at each stage by performing scenario-based network penetration testing, social engineering testing, web application testing, wireless testing, configuration reviews of servers and databases, and detection and response capability evaluations. CISA's assessment team found that more than 68 percent of its successful exfiltration attempts used adversary-established command and control centers, as opposed to automatic exfiltration or archived data collection. According to CISA, this allowed information to be downloaded without establishing additional pathways and potentially alerting network defenders. CISA emphasized that the theft of information could result in the recreation of blueprinted technologies, the targeting of supply chain components, and more. CISA's analysis also delved into the ways in which adversaries set up command and control mechanisms and how to foil them. This article continues to discuss findings from CISA's analysis and the mitigation measures the agency recommends for avoiding adversarial system takeovers.
NextGov reports "CISA Issues Mitigation Tips for Common Attack Tactics"