Cross-Domain Attacks: Know Them, Find Them, Stop Them

Adversaries have realized their time-honored attack methods involving clunky malware and malicious attachments are no longer working, largely due to endpoint detection and response tools alerting security teams to their activity. To improve their success rate, many are turning to cross-domain attacks.

Cross-domain attacks span multiple domains within an organization’s environment; namely, identity, endpoint and cloud. An adversary most often starts with a set of stolen credentials, which allows them to log in and operate under the guise of a legitimate employee. From there, they might target the cloud control plane to access more accounts or pivot to unmanaged devices. All the while, they move silently, achieving their goals without triggering alarms.

“The adversaries have really figured out how to operate from the shadows more effectively,” Adam says.

In this episode, he and Cristian discuss how cross-domain attacks unfold in a target environment; which adversaries are adopting this tradecraft; and how organizations can better detect, identify and mitigate these threats before it’s too late.

Watch our Cyber Threat Summit (focused on the rise of cross-domain attacks) on-demand: https://www.crowdstrike.com/resources/crowdcasts/cyber-threat-summit/