Data exfiltration is formally defined as the unauthorised transfer of sensitive information from a target’s system or network by an attacker to another location.
Data is always moving around in a network, which makes an exfiltration attack very hard to detect and all the more serious and devastating. Such a transfer of data may be manual, when an attacker has physical access to the system and uses a storage device to copy data. It can also be carried out over a network using malicious programming. Such attacks vary in complexity according to the attacker and the target. One form of these attacks works through backdoors in software or through key loggers that record the user's keystrokes and send them to the attacker to gain access to information.
Researchers predict that in the future, attackers will tend not only to seek to obtain information but also to modify the data in its location. Some security measures that control access can help minimise the risk of data exfiltration. These systems include Data Leak/Loss Prevention (DLP) solutions. The role of these solutions is to prevent the intentional or inadvertent unauthorised transfer of data while in-use (user processing), in-transfer (over the network) or at-rest (stored).