Understanding Attacker Infrastructure
The attack is just the final stage of a cybercriminal's effort. Organizations must understand the four stages of an attack to defend proactively, instead of waiting for it to happen. Adversary infrastructure refers to the interconnected, purpose-built components that malicious actors assemble and use to conduct cyber attacks.
Some of that infrastructure includes:
○ C2, C&C or Command and Control Servers: These servers act as the central hub from which a threat actor manages and controls malware, compromised devices, etc.
○ Malware: Malicious code or software designed to infiltrate, damage or exploit a device.
○ Domain Names: Threat actors use domain names to host malicious content such as C2 servers and phishing kits.
○ Proxy Servers & VPNs: To conceal their identity and location, threat actors often route their traffic through VPNs and proxy servers.
○ Phishing Kits: Tools set up for phishing attacks, such as deceptive websites, email campaigns, social engineering, etc.