
Technical Guide: The Advanced TTPs Attackers Use Post Exploitation

In this paper, we explore the important aspects of increasingly sophisticated attacker tactics that span ransomware, nation-state, and even some insider threat activities. At first glance, it is easy to conclude that a wide variety of security countermeasures and policy changes are required to combat the growing number of attack vectors. Closer examination of the TTPs of these attack vectors shows some common themes; consequently, action on any one of a key subset of TTPs could mitigate the outcomes achieved by many attack vectors.

Attacks, such as nation-state and advanced ransomware, follow a common model, originally represented by steps 6 through 9 of the MITRE ATT&CK framework. Here, we will examine the post-exploitation (attacker hands-on-keyboard) phase for nation-state and advanced ransomware attacks.

