There are two phases that generally feature in all cyberattacks:
Initial access: In this phase, attackers seek to break into the system or perimeter. There are four common ways in which this is done: There are four common ways in which this is done:
- Phishing email
- Password guessing
- Exploitation of a software vulnerability
- Distribution of malware via email
2. Exploitation: In this second phase, the attacker seeks to access all the relevant devices in the environment, including servers and workstations, to take control of and deploy additional tools and scripts, primarily in order to bring about privilege escalation and lateral movement in the network. This is done to ensure access to as many of the company’s resources (data, information, etc.) as possible.
