Lateral Movement: Combating High-Risk, Low-Noise Threats

"What I like to tell people is that when you have one computer that's infected, that's annoying," says Charles DeBeck, a member of IBM Security's Threat Intelligence Production team. "When you have 1,000 computers that's infected, that's a problem." Lateral movement is one way threat actors escalate annoyances into problems. "Lateral movement consists of a series of techniques that enable an adversary to access and control remote systems in a network," Joey Victorino, a consultant for IBM X-Force IRIS, explains. In some cases, all it takes is four seconds for an adversary to pivot across a network. Charles and Joey join Pam to discuss the implications of lateral movement becoming more automated for threat actors; the potential business impact of lateral movement; how to limit the success of a threat actor in an environment; and how security precautions such as multifactor authentication (MFA) can mitigate the impact of lateral movement. For more security stories, visit SecurityIntelligence.com or follow IBM Security on Twitter and LinkedIn.