Tag: living off the land

Consider following on social media!

• WordPress
• Twitter
• Facebook

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

You know, there is always something you could learn on the internet. If you’re interested in getting better at math, you can learn how to do equations better, if you’re interested in learning another language, you can find courses online (or people in real life) and learn. And if you’re interested in finding out if your supervisor has an O.F. page so you can later use it for blackmail, there’s sure a place for that as well.

Well, not so much the last point since all you would have to do is a quick search– however, we’re not here to tell you how to ruin others, you’re an adult (we hope), so do your research. To the point, there has been a term making its rounds in the cybersecurity realm which at first glance may seem like a good idea but upon closer examination, it may have you saying “Oh, dear”.

The Attack

So, what is this term that was been square dancing all over the internet and two-stepping into the organization’s heart of fear? Look no further than LOTL. At first glance, you wouldn’t be wrong for thinking it breaks down to Lot Lizard, however, you’re wrong. And if you don’t know what they are, again, you’re an adult (we hope), do your research. If you don’t feel like doing your research, we’ll give you a hint. They have been known to be a fun bunch and have nothing to do with lizards. Unless you’re talking about the lizard part of the brain, then they may have found a cleverly way to incorporate fun time with science. Meh, who knows?

Who Can It Be Now

LOTL is “Living off the land”, this is a form of cyber-attack where the threat actor carries out malicious activities using legitimate IT admin tools. This goes along with using RAT (Remote Access Tools), the end goal is to get into the system or network and escalate their user privileges. Why would someone want to increase their user privileges, we can hear you ask. Well, the answer is simple, anything you can do, they can do as well, if not, better.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

That Sinking Feeling

You might be wondering, how is something like this done. There are many ways this is executed but for the most part, it comes from an insider threat. Insider threat actors have knowledge about the organization they work for and already are trusted members, with these two factors make them the prime candidates for wreaking havoc.

The Prevention

So, you’re a big company and you’re looking to protect yourself from insider threats. How can you protect yourself? The answer is simple, pay the people who work for you well, and you won’t have any problems. Obviously, we can hear you chuckling under your breath, yes, we know that’s not going to happen. Jokes aside, you can’t protect yourself 100% since you’re always going to have something that someone else or an organization wants. These threat actors could be hired by your competitors to sabotage or steal valuables from you. The best thing to do is to have training for employees in common cybersecurity issues and how to handle them and be vigilant when in the presence of odd behavior from others. This includes finding out that Bob from accounting has been living in the storage closet for about three weeks now, it’s understandable his wife kicked him out and he has nowhere to go, but this does classify as suspicious insider threat behavior and needs to be reported.

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Do you feel like there is something I may have missed on LOTL? Script a comment below.