Crowdstrike-2017网络入侵报告网络安全英文版-2017-31页（31页）.pdf

1、CYBER INTRUSION SERVICES CASEBOOK 2017 Security Resilience in the Face of Evolving Attacker Tradecraft CROWDSTRIKE.COM | 1.888.512.8906 15440 LAGUNA CANYON ROAD, SUITE 250, IRVINE, CALIFORNIA 92618 02 CROWDSTRIKE.COM | 1.888.512.8906 CONTENTS FOREWORD EXECUTIVE SUMMARY KEY FINDINGS KEY TRENDS CASE S

2、TUDIES AND RECOMMENDATIONS CONCLUSION 02 03 04 07 08 28 01 CROWDSTRIKE.COM | 1.888.512.8906 Cyberattacks and the resulting breaches are a fact of life now. The impact left in the wake of a successful intrusion can be massive when customer data or other confidential information is stolen, exposed, ch

3、anged, or deleted. Its an inescapable certainty: Where valuable digital assets exist, aggressive threat actors follow. These actors continuously develop and adopt new means to achieve their objectives, from the destructive NotPetya malware using stealth propagation techniques, to ransomware extortio

4、n, to the use of valid operating system processes to exploit the network. Likewise, security stakeholders from CISOs to incident responders to the board of directors must evolve their security planning to ensure resilience in the face of an attack. This document provides guideposts to further you al

5、ong that path. Drawn from real-life client engagements, the annual CrowdStrike Cyber Intrusion Services Casebook provides valuable insights into ever-evolving attacker tactics, techniques and procedures (TTPs). It also reveals the strategies the CrowdStrike Services team devised to effectively and q

6、uickly investigate and remove threats from victims networks. Additionally, the report reveals emerging trends observed in attack behaviors, including the preferred tactics used by threat actors to gain entry to the targeted environment. Based on CrowdStrike Services extensive experience in the field