Threat Hunting

Threat Intelligence

Organizations face several threats directed at their IT infrastructure, primarily aimed at exfiltrating sensitive data or defaming the organization. In a recent survey of over 25 global banks, organizations indicated the following primary threats:

  • Malware on customer’s machine
  • System breach by an outsider
  • A breach at a third-party provider
  • Insider system breach
  • Lost/stolen device
  • Phishing attack

Attacks launched using legitimate credentials pose the highest threat to the security of an organization. These attacks may be launched by employees, vendors, outsourced operators, or even external perpetrators who have managed to get access to these credentials. The study of recent targeted attacks against government and commercial organizations reveals that external perpetrators now use social engineering and sophisticated malware to gain access to the credentials of valid accounts. Since organizations have not implemented sophisticated tools capable of monitoring and detecting behavioral changes in legitimate access, these attacks often go unnoticed.