Data Exfiltration
Data exfiltration is the theft or unauthorized removal or movement of any data from a device. It usually involves an attacker stealing information from personal or corporate devices through various attack methods.
Data Exfiltration In-Use
Common data exfiltration attacks include social engineering and phishing campaigns. Malware is often unknowingly downloaded onto a user’s device to steal login credentials. Data exfiltration may also occur when an insider moves data outside the network, for example by emailing it to a non-corporate email address. Even when there is no malicious intent, the data is now at risk because the security team can no longer monitor it.
Types of Data Exfiltration
Data exfiltration can occur in various ways. Malware and insider threats are two of the more common ones. Cybercriminals will try to insert malware onto a network device, which then scans other devices on the network for sensitive information. The malware may remain latent to avoid detection while still exfiltrating data. In an insider threat scenario, trusted employees exfiltrate data for their own gain. This can result in serious harm to the company and may put many users at risk. Insiders can steal data by making Google Drive links public, moving critical files to personal devices, or abusing access privileges.
How to Prevent Data Exfiltration
Data Loss Prevention (DLP) solutions are often used by organizations to prevent data exfiltration. These platforms have specific algorithms to monitor, detect and block confidential data from leaving an organization. As an alternative to DLP solutions, many organizations strive to prevent insider threats. There are various tools and platforms such as Splunk, ManageEngine Endpoint, and SecureTrust, which rely on a combination of user and data activity monitoring to detect and prevent insider threats.
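The following Python example is added here for illustration and is not taken from this page's source or from any DLP product. It shows the kind of check such a platform applies to outbound email: a message is blocked only when confidential content (a Luhn-valid card number or a classification label) is addressed to a non-corporate recipient. The domain example.com, the label list and the sample messages are assumptions constructed for the example.

```python
import re

CORPORATE_DOMAINS = {"example.com"}  # assumption: the organization's own mail domains
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")  # candidate payment card numbers
MARKER_RE = re.compile(r"\b(confidential|internal only)\b", re.I)  # assumed labels

def luhn_ok(digits):
    """Luhn checksum: discards digit runs that are not plausible card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def findings(text):
    """Return the kinds of confidential data found in the text."""
    found = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            found.append("card_number")
            break
    if MARKER_RE.search(text):
        found.append("classification_marker")
    return found

def evaluate(message):
    """Block only when confidential data is sent to a non-corporate recipient."""
    external = sorted(r for r in message["to"]
                      if r.rsplit("@", 1)[-1].lower() not in CORPORATE_DOMAINS)
    hits = findings(message["subject"] + "\n" + message["body"])
    action = "block" if external and hits else "allow"
    return {"action": action, "external_recipients": external, "findings": hits}

# Constructed sample messages (not real traffic).
SAMPLES = [
    {"to": ["alice@example.com"], "subject": "Q3 numbers",
     "body": "Internal only: draft attached."},
    {"to": ["me.personal@mail.test"], "subject": "backup",
     "body": "card 4111 1111 1111 1111 exp 01/30"},
    {"to": ["vendor@partner.test"], "subject": "PO",
     "body": "Order ref 1234 5678 9012 3456"},
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(msg["to"], evaluate(msg))
```

The third sample shows why the checksum matters: a 16-digit order reference sent to an external address is allowed because it fails the Luhn check, which keeps false positives down.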