Secure your small business:
Apps → Data →

Lateral Movement

Lateral Movement is a term used to describe how hackers move from an initial point of entry deeper into a network.

When normal users access a network, they tend to start at a defined entry point like a desktop or laptop and fan and access additional resources in a star pattern emanating from the initial entry point. The “one hop” star pattern is an intentional security design feature of Kerberos that is supposed to prevent hackers from performing lateral movement. The idea is that Kerberos only allows a ticket to be used one-hop from where it was issued. Note that Microsoft actually refers to the one-hop restriction as the double-hop problem, but one-hop is probably more descriptive for what we’re talking about. In reality, hackers have found many ways around the double-hop problem and are able to move in linear or “lateral” patterns. Because hackers are able to steal multiple identities, they can switch user identities as needed and, in some cases, use software exploits to create sessions between computers that are completely unauthenticated. It is this chaining of sessions from entry point to objective that we refer to as lateral movement.

2FA/MFA Rapid Reference

Authentication at a glance

Download the 2FA/MFA Rapid Reference now:

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms

 

2FA/MFA Rapid Reference

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms
Save PDF  

Downloadable References

PDF
Sample, shareable addition for employee handbook or company policy library to provide governance for employee AI use.
PDF
Generative AI is exploding, but workplace governance is lagging. Use this whitepaper to help implement guardrails.
PDF
Cheat sheet for basics to stay secure, their ideal deployment order, and steps to take in case of a breach.
PDF
Real-time, continuous authentication using behavioral biometrics and machine learning.
 
 
 
 
 

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.