CPNI, the UK Government body charged with protecting critical national infrastructure, has an ongoing objective to help protect critical businesses from cyber attack. It’s iDATA programme focuses on “Improving Defences Against Targeted Attacks”.
A number of different products were created within iDATA which provide guidance to help businesses understand and protect against different stages of the cyber attack lifecycle or “kill chain”; particularly focusing on those stages after an attacker has breached the perimeter.
BAE Systems have worked with CPNI to produce guidance that will help businesses protect information about their networks, organisation and systems and thereby counter the ability of an attacker to succeed in the internal reconnaissance stage of the kill chain.
BAE Systems report focuses on providing an insight into the internal network reconnaissance activities undertaken by attackers following successful infiltration of a target network. In order to protect against targeted attacks it is important to consider all stages of an attack and have measures in place to impede and detect these stages.
Electronic material, common to all IT infrastructures, is used by intruders to understand their target environment. A study of the movements of intruders has resulted in advice that will impede their progress, make attacks more expensive to conduct and make detection easier.
Once access is gained to a network an attacker needs to gather information to help them achieve their goals. The report details techniques and approaches, target information, real world examples, and measures to protect against and impede this stage of an attack.
This report is an updated version of the PIANOS report released in 2014; the updates reflect the changes in attacks and networks which have occurred over the recent years.
Download this report today and consider how attackers will target your network information and measures to detect and impede their progress.