Recognize and understand lateral movement
Threat actors gain access to a company application through phishing or by exploiting unpatched vulnerabilities, assume the identity of a legitimate user, and use lateral movement to penetrate ever deeper into various parts of the network. There they can exfiltrate data, paralyze and manipulate systems and databases, or carry out other attacks. The threat actors do not strike directly, but rather try to operate unnoticed in the background for as long as possible. The goal of most cyber criminals is to steal or encrypt data in order to extort a ransom, i.e. to carry out a ransomware attack. The more time the attackers go unnoticed...