Lateral Movement Vector | Cymulate Breach and Attack Simulation

Cymulate’s Lateral Movement (Hopper) vector challenges your internal networks against different techniques and methods used by attackers to gain access and control additional systems on a network, following the initial compromise of a single system.

Once an organization’s perimeter defenses fail and endpoint security is bypassed, giving the attacker a foothold in the organization (see Endpoint Security Vector), lateral movement inside the network is a common next step in a penetration scenario. Organizations deploy numerous security solutions and controls in order to prevent such movement. Whether as part of their internal policy configuration or a specific security solution, organizations depend on various controls to prevent, detect and monitor lateral movement.

As threat actors move deeper into the network, their movements and methods become more difficult to detect, especially when they abuse Windows features and tools typically used by IT administrators (e.g., PowerShell). Gaining administrative privileges also makes threat actors’ activities undetectable and even untraceable. Some well-known examples were the WannaCry and NotPetya attacks, the latter of which literally shut down the operations of the shipping giant Maersk, causing hundreds of millions of dollars in damages.

Such attacks can force small companies out of business. They can also interrupt emergency operations and surgeries, as seen during the WannaCry campaign, which hit dozens of NHS hospitals and medical centers in the UK. These attacks used a powerful exploit called EternalBlue to spread and move laterally within networks.

Based on research and our own experience, once attackers manage to move laterally within a compromised network, they have on average three months to conduct their malicious activities without being detected.

Manual methods of penetrating organizations and simulating breach points are limited in speed, volume and scope. Cymulate’s Lateral Movement vector simulates a compromised workstation inside the organization and exposes the risk posed by a potential cyberattack or threat. Various techniques and methods are used to move laterally inside the network.

The platform uses a sophisticated and effective algorithm to mimic all the common and clever techniques that the most skilled hackers use to move around inside the network.

The Hopper attack simulation results are presented in an interactive graphic diagram that shows the attacker’s lateral movement path, along with Cymulate’s risk score, KPI metrics and actionable mitigation recommendations. With these, IT and security teams can take the appropriate countermeasures to increase their internal network security.
