Glossary Term

Lateral movement

Lateral Movement is a term used to describe how hackers move from an initial point of entry deeper into a network.

When normal users access a network, they tend to start at a defined entry point like a desktop or laptop and fan and access additional resources in a star pattern emanating from the initial entry point. The “one hop” star pattern is an intentional security design feature of Kerberos that is supposed to prevent hackers from performing lateral movement. The idea is that Kerberos only allows a ticket to be used one-hop from where it was issued. Note that Microsoft actually refers to the one-hop restriction as the double-hop problem, but one-hop is probably more descriptive for what we’re talking about. In reality, hackers have found many ways around the double-hop problem and are able to move in linear or “lateral” patterns. Because hackers are able to steal multiple identities, they can switch user identities as needed and, in some cases, use software exploits to create sessions between computers that are completely unauthenticated. It is this chaining of sessions from entry point to objective that we refer to as lateral movement.

2FA/MFA Rapid Reference

Authentication at a glance

Download the 2FA/MFA Rapid Reference now:

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms

 

2FA/MFA Rapid Reference

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms
Save PDF  
 
 
 
 
 

MORE DOWNLOADABLE REFERENCES

PDF

2020 Authentication Guide

Summary of authentication recommendations from major standards bodies, plus Plurilock's™ own recommendations.
PDF

White Paper: Advanced Authentication

The state of authentication today—and why you need Plurilock™ products.
PDF

Understanding MFA vs. Privacy

Is multi-factor authentication always good for privacy? See why it isn't, and which strategies make the grade.
PDF

Behavioral Biometrics Guide

The definitive guide to behavioral biometrics, a core Plurilock™ technology.