Picture a mouse that enters a house when the door is left open. It makes its way into the attic where it stays put in some inaccessible location. Every night once the residents of the home sleep, the mouse comes out to get its ration for the day. The mouse revels in its newfound invincibility and literally feasts on all the resources it can find. This goes on for weeks (or in worst cases months) before the owners of the house sense something unusual happening inside the house and take corrective action. The mouse would be eliminated one way or another but after considerable damage is done. This is a ‘cute’ tale that can be used to explain attack tactic in Cybersecurity. “Living off the Land”(LOTL) Here, threat actors gain illegitimate access to an information system. The administrators of the system have no clue about the break-in. The illegal entrants use tools, resources, or anything useful on the system, to gain further access to sensitive data/assets. They comprehensively go through the system to steal any useful information available on it. Generally, no malware is installed on the system, hence it is harder to detect malevolent activities. This goes on for weeks or in worst cases months, before it is detected by the host organization. By then all valuable & sensitive data are stolen and used for nefarious purposes. How do we prevent LOTL Attacks? Here are some techniques: “Limit chances of illicit access to the network. Think Two-Factor Authentication. Zero Trust security implementations. Well-designed firewalls and security groups. Effective policy on password rotation and expiration. Monitoring of keys and certificates. Keep security software and operating systems up to date. Set session time-outs.” ( Source) Question to Cybersecurity Experts: What are other ways of limiting LOTL attacks? Your expert strategies are much anticipated! Share your opinion via this . writing prompt Until next time. - VJ

What is the “Living off the Land”(LotL) Attack Tactic in Cybersecurity?

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

108 Stories To Learn About Cybersecurity Tips

10 Cybersecurity Books Every Business Owner Should Read

10 Best Practices for Securing Your API

122 Stories To Learn About Cybercrime

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

248 Stories To Learn About Cyber Threats

108 Stories To Learn About Cybersecurity Tips

10 Cybersecurity Books Every Business Owner Should Read

10 Best Practices for Securing Your API

122 Stories To Learn About Cybercrime

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

248 Stories To Learn About Cyber Threats

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps