<img height="1" width="1" style="display:none" src="https://q.quora.com/_/ad/1fa075f6a9144556974dd51ae0b653c7/pixel?tag=ViewContent&amp;noscript=1">
All Posts

Anatomy of Attack - What a successful attack looks like

Trent: Welcome back to TechScoop, thankyou for joining us now today I am joined by an exceptionally special guest Mr Ryan Economos from Mimecast. Thanks for joiing us Ryan, good to see you again.

Trent: Now over the past couple of videos we’ve been talking about the Anatomy of an attack. We started out by talking about attack vectors. We were talking about shotgun versus sniper rifle approach then we talked about the kind of research that goes into creating both of those types of attacks I suppose. Then this week I want to talk about what a successful attack looks like.

Ryan: Awesome so I guess there’s a number of outcomes due to a successful attack and the first one id say is something that’s immediately noticeable to the organisation. So something where you know piece of ransomware or malware gets installed and locks out file systems based on what the users have access to corrupts you know laptops, desktops etc within the organisation. That can have a huge impact from a monetary value perspective if the organisations not fortunate enough to have a good backup, which for many organisations tends to be the case they may very well have to pay that ransom if the data is absolutely critical. Even if they were able to recover from backup there’s the lost productivity time, so the lost productivity time of the user sitting at the keyboard and the productivity time of the IT department having to have to do that restoration. The second type of outcome could be something like compromised account. So perhaps something that’s not necessarily immediately noticeable, but you’ve been impacted by something the attacker is now sort of using whatever you’ve done to be able to attack perhaps your address list and spam outbound. So those spams outbounds can obviously cause reputational damage to that organisation especially if it contains things like you know malicious links or weaponized attachments as part of them. To the recipient this is someone who you’ve likely had communication with in the past so you’re essentially a trusted sender so whilst there may not be an immediate impact that’s noticeable to the organisation. Obviously that flow on effect and reputation damage can be huge.

The last one I would say is around credential harvesting, we’re seeing this more and more and that attack again can be one that goes unnoticed for an incredibly long period of time. So if a user is fooled into providing their credentials across to the attacker – they could gain access to your internal systems. They could have access to your data, files they could take that information away from the organisation. They could delete or corrupt that information.

They’ve also potentially got the ability to intercept internal communications that are taking place, they can gain further intelligence for launching another attack on that organisation. So there’s a couple of different outcomes and I’m sure there’s more that we could talk about. But they’re some of the key common outcomes that we see.

Trent: Okay so from what you’ve just mentioned it seems like there are 2 main outcomes I suppose. That’s what’s immediately visible that you can see in an instant, like your ransomware the things that you were discussing there. Then there’s the longer term ones, which are also detrimental to most businesses.

Ryan: Arguably more detrimental to the organisation. Rather than just deleting some files, it’s a long term, slow burning process. 

Trent: I think we’ll park it there for this week. That’s us looking at the anatomy of an attack from how it starts to what the effects of a successful attack would be. Ryan thankyou for joining us, I really appreciate it and I’m sure that everyone out there appreciates it as much as I do.

Thank you for watching and until next time we’ll see you soon.

Related Posts

5 Reasons Your Disaster Recovery Plan Will Fail

A Disaster Recovery Plan is like an insurance policy. It’s the thing you never hope to need, but are thankful to have when you do. If accidentally putting your phone through the wash feels like a chilly Spring breeze, suffering an organisation–wide operations failure would be a category 5 tornado in the dead of winter. That insurance with the help of IT Managed Services would come in handy, wouldn’t it? For something so critical to maintaining the function and security of a business, you’d be surprised just how many don’t take disaster recovery seriously. You might even be one of them. And you’re not alone. 40% of all businesses rate their organisation’s ability to swiftly recover operations after a disaster as fair to poor, and 3 out of 4 businesses receive a fail grading for DR strategy. Ironically, 95% of businesses experience system failures due to incidents unrelated to natural disasters. These operational disasters account for 45% of all system disasters, with natural disasters and human error accounting for 35% and 19%. And then there’s that 1% of freak, what the hell just happened?!?! occurrences. So if the chance of suffering some kind of system disaster is so high, why aren’t more businesses investing in an effective DRP? Think you’ve got DR covered on your own? Here are 5 reasons your disaster recovery plan will fail.

Techware Rebranded

We’ve been working hard on this project and are extremely proud to be revealing our refreshed branding in 2019!

Anatomy of Attack - What a successful attack looks like

Trent: Welcome back to TechScoop, thankyou for joining us now today I am joined by an exceptionally special guest Mr Ryan Economos from Mimecast. Thanks for joiing us Ryan, good to see you again.