Analysis of Hacker AD Attack Techniques Based on Global Cyber Threat Big Data

DX specialist company LG CNS announced on the 9th that it will hold a webinar on the 26th and release the ‘Vulnerability Analysis Report’.

An employee of LG CNS security solutions business introducing the vulnerability analysis report. [Photo=LG CNS]

In this report, LG CNS’s ‘Purple Lab’ classified 10 representative Active Directory (AD) attack techniques based on global threat intelligence (TI) big data. Threat intelligence refers to the process of collecting, analyzing, and utilizing information to respond to cyber threats.

Based on this, the Red Team and Blue Team conduct simulated training in which the Red Team attacks and the Blue Team defends, and the report documents the 10 scenarios and the security response for each scenario.

This report also covers AD vulnerabilities that many hackers target. AD is a service that many companies around the world use to efficiently manage their infrastructure and members. Companies can centrally manage user accounts and permissions of internal members using AD. If a hacker takes control of AD, they can easily steal internal confidential data by hijacking the accounts of company members.

The major AD attack techniques identified by LG CNS include Kerberoasting, DCSync, Moniker vulnerability, Pass-the-Hash, and Golden Ticket attacks, among others.

A Kerberoasting attack targets the tickets (authorization) issued to users for services such as shared folders and databases in the AD network, in order to obtain the passwords of vulnerable accounts. In a DCSync attack, the hacker behaves as if they had the same authority as a domain controller (DC), performing synchronization requests between domain controllers in an attempt to access the company’s sensitive information.

Hackers typically attack multiple vulnerabilities simultaneously. In the report, LG CNS warns of the risk of data leakage within companies caused by sophisticated AD attacks. To defend against complex and simultaneous AD attacks, companies should consult with specialized security companies and conduct regular simulated hacking defense training.

LG CNS will introduce the ‘Vulnerability Analysis Report’ in detail through the webinar and discuss how to establish AD security enhancement strategies. The report will be available for download starting from the 26th.

Bae Min, Senior Executive Director of LG CNS Security/Solution Business Division, emphasized, “The trend is shifting towards hackers targeting the internal network, specifically the AD.” He added, “LG CNS provides differentiated cybersecurity strategies to corporate customers through services such as ‘AD Vulnerability Diagnosis Consulting’ and ‘Simulated Penetration Testing’.”

Purple Lab was newly established this year with the goal of raising the security level by integrating in-depth analysis of hacking attacks with defense strategies. Purple Lab consists of existing Red Team and Blue Team members. The Red Team performs the role of hacking and attacking systems, while the Blue Team, which operates the smart security operations center 24/7, is responsible for defense.

The majority of Purple Lab personnel are elite security professionals certified by security-related government agencies such as KISA’s ‘K-Shield’ and ‘SW Security Vulnerability Diagnosis Center’, and KITRI’s ‘Best of the Best (BOB)’. They diversified infiltration scenarios and prepared countermeasures through simulated hacking attack and defense training at the Hacking Lab. The Hacking Lab is a virtual confrontation space where the servers, systems, and applications of corporate customers are built in a cloud-like environment.