Imperva Releases Hacker Intelligence Initiative Report:
Imperva released its April Hacker Intelligence Initiative (HII) report, “The Non-Advanced Persistent Threat.” The report presents an in-depth view of how techniques attributed to Advanced Persistent Threats (APTs) require only basic technical skills. The report exposes simple ways that attackers are obtaining access privileges and accessing protected data by targeting weaknesses of the Microsoft NTLM protocol.
• Data breaches commonly associated with APT can be achieved by simple means, using basic technical skills.
• Built-in Windows functionality, combined with “innocent” file shares and SharePoint sites, can provide attackers with an entry-point to accessing an organization’s most critical data.
• A mitigation strategy should be implemented that focuses on monitoring the authentication process itself and data access patterns, in addition to tailoring authorization mechanisms for increased security.