Its 10PM...Do you know where your cloud is?

Published: 11 Aug, 2014
Created by: Robert J. Mavretich

Once a single system is compromised by a determined attacker in a Windows environment, the attacker often tries to move laterally through the environment and escalate his privileges, potentially resulting in compromise of additional systems, up to the entire domain or forest. A common way this happens is by the attacker stealing credentials from the compromised box and using them against other systems. Published guidance exists on how to mitigate risk from credential theft attacks, but many organizations find the known techniques difficult to implement, if they are aware of them at all. This paper first gives background on the issue and an overview of existing known mitigations in order to raise awareness. Then, it explores whether there are other, potentially more novel, ways to address this problem.