Intrusion

An intrusion is an unauthorized access or breach into a computer system, network, or digital resource.

This cybersecurity incident occurs when an attacker successfully bypasses security controls to gain entry to systems they should not have access to, whether through exploiting vulnerabilities, using stolen credentials, or employing social engineering techniques.

Intrusions can range from simple unauthorized logins to sophisticated multi-stage attacks that involve lateral movement through network infrastructure. Common intrusion methods include malware deployment, brute force attacks against weak passwords, exploitation of unpatched software vulnerabilities, and privilege escalation once initial access is gained.

The primary goals of intrusions vary widely—attackers may seek to steal sensitive data, install persistent backdoors for future access, disrupt operations, or use compromised systems as launching points for further attacks. Early detection of intrusions is critical, as attackers often attempt to establish persistence and expand their foothold before executing their ultimate objectives.

Organizations typically employ intrusion detection systems (IDS) and intrusion prevention systems (IPS) alongside comprehensive logging and monitoring to identify and respond to unauthorized access attempts. Successful intrusion response requires rapid containment, thorough investigation, and remediation to prevent recurring incidents.