The processes and tools behind a true APT campaign: Exfiltration

In this final stage of the APT campaign, all other phases have been completed and data is likely about to be removed from the network

By Steve Ragan, CSO |  Security, Advanced Persistent Threats, insider

In part five of a series on understanding the processes and tools behind an APT-based incident, CSO examines the exfiltration phase. At this point, all of the other phases are complete, and if the campaign hasn't been halted before now, it's likely that data will be removed from the network.

[Data exfiltration: How data gets out]

Exfiltration is the endgame for an attacker. If the attack – and it doesn't matter if the attack is passive or targeted – has made it to this point, your day is about head up a famous creek and you're missing a paddle.

To continue reading. register here to become an Insider. It's FREE to join!

This article is part of a series about APT campaigns. The topics covered in this series are:
Weaponization and Delivery
Exploitation and Installation
Command and Control, and

Don't miss...

18 hot IT certifications for 2014

6 IT hiring tips to weed out the duds

The helpful, handy, FREE programs your new PC needs

  Sign me up for ITworld's FREE daily newsletter!

Originally published on CSO |  Click here to read the original story.
Join us:






Ask a Question