What is lateral movement?

Lateral movement is a term used in cybersecurity to describe the techniques that cyber attackers use to progressively move through a network as they search for the key data and assets that are ultimately the target of their attack campaigns. After gaining initial access, attackers move laterally to reach deeper into a network in search of sensitive data and other high-value assets. Lateral movement allows a threat actor to avoid detection and retain access, even if discovered on the machine that was first infected. It is a key tactic that distinguishes today's advanced persistent threats (APTs) from the simplistic cyberattacks of the past. Detecting and preventing lateral movement is essential to shutting down an attack, but it can be very difficult to detect because it can appear to be legitimate activity. Outside cybersecurity, lateral movement can also refer to a type of exercise that involves side-to-side (or lateral) movement, which is often missing from most training and exercise programs.