What is data exfiltration?

Data exfiltration is formally defined as the unauthorised transfer of sensitive information from a target’s system or network by an attacker to another location.

Data is always moving around in network this makes it very hard to detect an exfiltration attack which makes it all the more serious and devastating. Such a transfer of data may be manual. This is when an attacker has physical access to the system where a storage device is used to copy data. It can also be carried out through using malicious programming over a network. Such attacks vary in complexity according to the attacker and the target. One of the forms of these attacks can happen through backdoors in software or through the use of key loggers that record keystrokes of the user and send them to attacker to get access to information.

Researchers predict that in the future, the tendency will be for attackers not only to seek to obtain information but also to modify the data in its location. Some security measures that control access control can help minimise the risk of data exfiltration. These system include Data Leak/Loss Prevention (DLP) solutions. The role of these solutions would be to prevent the intentional or inadvertent unauthorised transfer of data while in-use (user processing), in-transfer (over the network) or at-rest (stored).

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

More Posts

Benefits of Password Complexity

We’re sorry, your password must contain an uppercase letter, a number, a metaphor, a graffiti, a hieroglyph and the blood of a witch. Yes, but why? Password-cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and brute-force automated attacks that try every possible combination of characters. Given enough time, the automated method can

Reach out

Re-Architect

This methodology requires the most effort to implement but it results in the most optimised recurring cost and will provide the best scalability for apps. This involves re-adapting the code of applications and the heavy use of SAAS solutions in order to replace existing hosted applications.

Re-Platform

This method utilizes the power of  PAAS services, like transferring a database to an as-a-service model,  the use of containers for some apps or the use of network/security functions as a service. Greater scalability and lower cost of operation is achieved.

Re-Host (Lift & Shift)

the migration of workloads from  to the cloud without changing the architecture. Machines get to keep their  OS and apps. This is the quickest and easy way to migrate, but since its  utilising IAAS, its is also the most expensive on the long term.