Lateral movement is a technique attackers use to move from one system to another within a network in order to gain access to additional resources and systems. It can be done to escalate privileges, access sensitive data, or maintain a foothold within the network for future attacks.
There are several ways that attackers can perform lateral movement, including:
- Using compromised user credentials: If an attacker is able to obtain the login credentials of a user with elevated privileges, they can use those credentials to move laterally within the network and access systems that they would not have been able to access otherwise.
- Exploiting vulnerabilities: If an attacker is able to identify and reach a vulnerability in another system, they can exploit it to gain access to that system, which is itself a lateral move.
- Using network protocols: Attackers can also use legitimate network protocols and tools, such as Remote Desktop Protocol (RDP), to move laterally within a network.
Lateral movement is a key component of many cyber attacks, as it allows attackers to gain a foothold within a network and move closer to their ultimate goals.
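From the defender's side, lateral movement over RDP with a compromised account often shows up as one account opening remote sessions to several hosts in a short time. The following is an added example, not part of the original page: it runs that check over constructed logon events shaped like Windows Security Event ID 4624 records (logon type 10 is RemoteInteractive, i.e. RDP). The host names, account names, 15-minute window and threshold of 3 are assumptions to tune per environment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs):
# (timestamp, account, source host, destination host, logon type)
SAMPLE_EVENTS = [
    ("2024-05-01T09:00:00", "alice", "WS-01", "FILE-01", 10),
    ("2024-05-01T13:30:00", "alice", "WS-01", "FILE-01", 10),
    ("2024-05-01T10:00:00", "svc_backup", "WS-07", "SRV-01", 10),
    ("2024-05-01T10:04:00", "svc_backup", "WS-07", "SRV-02", 10),
    ("2024-05-01T10:09:00", "svc_backup", "WS-07", "SRV-03", 10),
    ("2024-05-01T10:12:00", "svc_backup", "WS-07", "DC-01", 10),
    ("2024-05-01T10:05:00", "bob", "WS-02", "SRV-01", 3),  # network logon, not RDP
]

RDP_LOGON_TYPE = 10  # RemoteInteractive


def find_rdp_fanout(events, window=timedelta(minutes=15), threshold=3):
    """Return alerts for (account, source) pairs that open RDP sessions to at
    least `threshold` distinct destinations within `window`."""
    by_pair = defaultdict(list)
    for ts, account, src, dst, logon_type in events:
        if logon_type == RDP_LOGON_TYPE:
            by_pair[(account, src)].append((datetime.fromisoformat(ts), dst))

    alerts = []
    for (account, src), logons in sorted(by_pair.items()):
        logons.sort()
        start = 0
        for end in range(len(logons)):
            # Advance the left edge until the span fits inside `window`.
            while logons[end][0] - logons[start][0] > window:
                start += 1
            dests = {dst for _, dst in logons[start:end + 1]}
            if len(dests) >= threshold:
                alerts.append({"account": account, "source": src,
                               "destinations": sorted(dests),
                               "first_seen": logons[start][0].isoformat()})
                break  # one alert per (account, source) pair is enough
    return alerts


if __name__ == "__main__":
    for alert in find_rdp_fanout(SAMPLE_EVENTS):
        print(alert)
```

Repeated logons to the same host (alice) and non-RDP logon types (bob) do not count toward the threshold, which keeps routine administration from alerting.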