Inside the discovery phase of a cyberattack – and what you can do to counter it

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.

Cyber adversaries are better than ever at infiltrating systems. And once they gain access to a company’s network, hackers often stay in the shadows to conduct reconnaissance. They silently watch and learn how to exploit security weaknesses like default settings to achieve their objectives by surprise. In the MITRE ATT&CKTM framework, this digital prowling is known as “discovery.” Smart businesses can blunt the impact of a breach by denying intruders this opportunity to get oriented.

Many business leaders are familiar with attackers’ common methods for breaching systems. However, the tools and techniques that hackers use to perform reconnaissance once they have gained access are less well known. Understanding this discovery phase of a cyberattack can make you more prepared to counter such activities and downstream consequences. The actions to take are tactical but they can make all the difference by enabling businesses to stay on strategy and sustain operations.

A note about this series: This is the first in a series of bulletins on common tradecraft used by threat actors and technical mitigation that organizations can apply. We will use the attack life cycle according to the MITRE ATT&CKTM Enterprise Phases. We will start by exploring the discovery phase as it applies to Active Directory 

Download Download the full piece including technical mitigation that organizations can apply

Authors / Contributors

Christopher Duffy
Kevin Costello
Katie Piccininni

Related content

Disinformation in corporate sector: PwC

The disinformation age has arrived. Are you ready?

We’ve all witnessed disinformation in political and social spheres. Now disinformation is moving to the corporate world. Are you ready?

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.
Risk and Regulatory Services: PwC

Risk and Regulatory

Helping you manage the complexities of risk and regulatory changes.

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.
Risk and Regulatory insights: Survey findings, articles, newsletter series, webcasts: PwC

Risk and Regulatory research and insights

Explore our publication library for in-depth analysis, detailed research, and our perspective on managing Risk holistically across your organization from IT...

Start adding items to your reading lists:
Sign in
or
Create your account
Save this item to:
This item has been saved to your reading list.

Contact us

Christopher Morris

Principal, Global Secure Terrain Leader, PwC US

Linkedin Follow Email

Gerasimos J. Stellatos

Principal, Cybersecurity and Privacy, PwC US

Email

Kevin Simmonds

Principal, Cybersecurity & Privacy, PwC US

Email

Amandeep Lamba

Principal, Cybersecurity and Privacy, PwC US

Linkedin Follow Email

Emily Stapf

Cybersecurity, Privacy & Forensics Integrated Solutions Leader, PwC US

Linkedin Follow Email

John Boles

Principal, Cybersecurity and Privacy, PwC US

Linkedin Follow Email
Follow us
Audit and assurance Consulting Tax services Newsroom Alumni US offices Contact us

© 2017 - Mon Mar 08 15:30:38 UTC 2021 PwC. All rights reserved. PwC refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.