Living off the Land
The term Living off the Land (LotL) means living in a system at the expense of the system's own resources. In computer security, the term describes a dangerous form of attack on an enterprise's information infrastructure in which the hacker uses only the tools that are already present on the attacked system.
A hacker can gain access to the system at the network level, study the parameters of the attacked system over a long period of time, find ways to remain invisible to existing detection methods, determine which indicators of compromise are monitored and which are not, and find ways to stay in the system without leaving a trace and to overwrite the logs of the attacked system.
The signature-based approach to protecting information is not effective at all against this type of attack. The result of the hacker’s work is access to the operating system command line and PowerShell, compromised administrator and user logins and passwords, and key data uploaded to remote servers for further resale.
Russian banks lost millions of rubles as a result of the actions of the Cobalt and Silence APT groups.
The effectiveness of the Keeper ZT software against this type of attack has been proven in practice.
Using our software tool, you can solve the following tasks:
- Total control over the launch of all applications, services and scripts in the operating system
- Prevention of the execution of self-written code without the system administrator’s approval
- Blocking of applications and services on staff workstations when their operation falls outside the employee's type of activity
- Continuous control of the integrity of all software on the end host
- Blocking and control of network services to prevent them from being taken over by intruders