The eagle has landed: part one

Understanding the behaviour of attackers becomes even more critical once they have actually penetrated your systems. Hackers fly in low under the radar, quietly penetrate systems and then sit there for weeks and months, biding their time until the best moment to strike. In the first instalment of a two-part article, Tracey Caldwell starts by reviewing the changing threat vectors and the objectives of the attackers. Hacker attacks are increasingly low and slow. Organisations need to look beyond guarding their perimeter and alerting security staff when it is breached. Hackers fly in low under the radar, quietly penetrate systems and then sit there for weeks and months, biding their time until the best time to strike. Understanding attacker behaviour once the ‘eagle has landed’ – after they have penetrated systems – is not about preventing attacks but rather focusing on what happens once hackers gain access to systems and, to mix a metaphor, how best to counter the cuckoo in your nest. In this two-part article we start by reviewing the changing threat vectors and objectives and in part two look at how organisations can classify and counter these emerging threats.