When investigating cyber-attacks in an organization, the starting point for the investigation is typically the moment of infection, the “boom.” The investigation moves to the “right” by considering everything that happened after that initial “boom” and how to respond. The goal is to find how the attacker got in and what the attacker did while inside.

The process for advance attacks, however, includes a lot of research before the actual infection attempts. From the attackers’ view, the reconnaissance phase is usually the most important one. It is done by collecting preliminary information, constructing attack scenarios, using social engineering, studying the opponent’s network topology as much as possible and defining the attack goals.

In this blog we will discuss the left side of the attack timeline, what happens “left of boom” – before the infection. We will cover the recon phase of attackers and how we sometimes provide information to the attacker without knowing. We’ll discuss what a corporate digital footprint is, how to find out what our footprint is, and how to use it to our advantage.

Read more here


You can also get news about IT-security sent directly to your inbox – via our e-newsletter News2You.
News2You is targeted to both resellers and end users – and contains the latest within IT-security and Networking solutions – as well as invitations to seminars and other events we host.

Do you wish to receive News2You in the future, please send os an e-mail to news2you@it2trust.com