Today, an attacker’s goals are focused on data access and exfiltration. To gain entry into an environment, sophisticated attackers aggressively pursue and compromise specific targets, often using social engineering tactics such as spearphishing. This attack activity is described by the Lockheed Martin Cyber Kill Chain1 and is focused on initial reconnaissance and weaponization to exploit and control a device.
SANS Review: Investigate Attacks On Critical Assets With Network Traffic Analysis Asset
