6 Internal attacks
This chapter covers:
- Understanding how attackers use multiple techniques at the same time to further attack a target.
- Developing security strategies to address insider threats – malignant attackers that are inside our organization already.
- Learning why “defence in depth” is different from the traditional “perimeter security” approach, and why the defence in depth approach is more successful at dealing with today’s complex, multi-layer attacks
- Learning and implementing strategies to limit the damage from an initial breach – and making it easier to spot the attackers.
Expanding on the technical hacks and social engineering we discussed in chapters 4 and 5, this chapter looks at the next stage: what hackers do once they have broken their way inside your organization. We’ll also look at another common attack route – insider threats.
6.1 What happens after they get in?
Back in chapter 2, we looked at the fundamental building blocks of any security strategy:
- What assets do we have?
- Who would want to attack them?
- What defenses do we already have?