Lateral Movement

Definition

Lateral movement is an attack technique in which an attacker who has gained initial access to one system moves on to other systems in the same network, typically by reusing captured credentials and legitimate remote-access services. It is usually interleaved with privilege escalation: each newly compromised system can yield further credentials, which in turn open up further systems.

After the initial compromise the attacker performs internal reconnaissance: which systems are reachable from the foothold, which credentials (passwords, password hashes, Kerberos tickets) are available on it, and where the valuable data lives. With that map the attacker moves laterally to the next systems and repeats the process from there.

Examples of lateral movement techniques: Pass the Hash (authenticating with a stolen NTLM password hash instead of the password), Pass the Ticket (reusing a stolen Kerberos ticket), abuse of remote services (RDP, SMB, WinRM, SSH) with valid credentials, and use of compromised service accounts, which often have broad access and rarely rotated passwords.
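The footprint these techniques leave is mostly authentication events on the target hosts. The following script is an added example (not part of the original glossary page) of how a SIEM or EDR rule might spot them: it parses a constructed, simplified sample of Windows Security event 4624 (successful logon) records and flags (a) one account opening network or RDP logons on many distinct hosts from one source within a short window, the classic lateral-movement "fan-out", and (b) the well-known host-side indicator of Pass-the-Hash tooling, a LogonType 9 logon through the `seclogo` logon process with the Negotiate package. The log format, host names, accounts, IP addresses and thresholds are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of Windows Security 4624 (successful logon) events in a
# simplified "timestamp key=value ..." form. These are made-up records for the
# example, not real logs. Computer = host that recorded the event,
# IpAddress = source of the logon as seen by that host.
SAMPLE_EVENTS = """\
2024-05-01T09:58:00 Computer=WS01 EventID=4624 LogonType=2 AuthPkg=Kerberos LogonProcess=User32 User=alice IpAddress=127.0.0.1
2024-05-01T10:00:05 Computer=WS01 EventID=4624 LogonType=9 AuthPkg=Negotiate LogonProcess=seclogo User=alice IpAddress=::1
2024-05-01T10:01:10 Computer=FS01 EventID=4624 LogonType=3 AuthPkg=NTLM LogonProcess=NtLmSsp User=svc-backup IpAddress=10.0.1.15
2024-05-01T10:01:42 Computer=FS02 EventID=4624 LogonType=3 AuthPkg=NTLM LogonProcess=NtLmSsp User=svc-backup IpAddress=10.0.1.15
2024-05-01T10:02:30 Computer=APP03 EventID=4624 LogonType=3 AuthPkg=NTLM LogonProcess=NtLmSsp User=svc-backup IpAddress=10.0.1.15
2024-05-01T10:03:15 Computer=HRDB01 EventID=4624 LogonType=3 AuthPkg=NTLM LogonProcess=NtLmSsp User=svc-backup IpAddress=10.0.1.15
2024-05-01T10:04:00 Computer=DC01 EventID=4624 LogonType=3 AuthPkg=NTLM LogonProcess=NtLmSsp User=svc-backup IpAddress=10.0.1.15
2024-05-01T10:05:00 Computer=TS01 EventID=4624 LogonType=10 AuthPkg=Kerberos LogonProcess=User32 User=bob IpAddress=10.0.1.20
2024-05-01T13:30:00 Computer=FS01 EventID=4624 LogonType=3 AuthPkg=Kerberos LogonProcess=Kerberos User=carol IpAddress=10.0.1.22
2024-05-01T14:45:00 Computer=FS02 EventID=4624 LogonType=3 AuthPkg=Kerberos LogonProcess=Kerberos User=carol IpAddress=10.0.1.22
"""

# Logon types that imply a session opened from another host:
# 3 = Network (SMB, WinRM, ...), 10 = RemoteInteractive (RDP).
REMOTE_LOGON_TYPES = {3, 10}


def parse_event(line):
    """Turn one 'timestamp key=value ...' line into a dict with a datetime."""
    ts, *fields = line.split()
    ev = dict(f.split("=", 1) for f in fields)
    ev["ts"] = datetime.fromisoformat(ts)
    ev["LogonType"] = int(ev["LogonType"])
    return ev


def load_events(text):
    return [parse_event(line) for line in text.splitlines() if line.strip()]


def detect_fanout(events, window=timedelta(minutes=10), threshold=4):
    """Flag (user, source IP) pairs that open remote logons on at least
    `threshold` distinct hosts within `window`. One account touching many
    hosts from one source in a few minutes is the classic lateral-movement
    footprint; the threshold and window are assumptions to tune per network."""
    by_actor = defaultdict(list)
    for ev in events:
        if ev["EventID"] == "4624" and ev["LogonType"] in REMOTE_LOGON_TYPES:
            by_actor[(ev["User"], ev["IpAddress"])].append(ev)

    alerts = []
    for (user, src), evs in by_actor.items():
        evs.sort(key=lambda e: e["ts"])
        for i, first in enumerate(evs):
            # Sliding window starting at each event; distinct target hosts only.
            hosts = {e["Computer"] for e in evs[i:] if e["ts"] - first["ts"] <= window}
            if len(hosts) >= threshold:
                alerts.append({"user": user, "src": src,
                               "start": first["ts"], "hosts": sorted(hosts)})
                break  # one alert per actor is enough
    return alerts


def detect_pth_indicator(events):
    """Host-side heuristic for Pass-the-Hash tooling on the SOURCE machine:
    a 4624 with LogonType 9 (NewCredentials), LogonProcess 'seclogo' and
    AuthPkg 'Negotiate'. Caveat: a legitimate 'runas /netonly' produces the
    same event, so treat this as a lead to correlate, not proof on its own."""
    return [
        {"host": ev["Computer"], "user": ev["User"], "ts": ev["ts"]}
        for ev in events
        if ev["EventID"] == "4624"
        and ev["LogonType"] == 9
        and ev["LogonProcess"].lower() == "seclogo"
        and ev["AuthPkg"] == "Negotiate"
    ]


if __name__ == "__main__":
    evs = load_events(SAMPLE_EVENTS)
    for a in detect_pth_indicator(evs):
        print(f"[PtH indicator] {a['ts']} host={a['host']} user={a['user']}")
    for a in detect_fanout(evs):
        print(f"[fan-out] {a['start']} user={a['user']} src={a['src']} -> {', '.join(a['hosts'])}")
```

On the sample data the fan-out rule fires once, for `svc-backup` from 10.0.1.15 reaching five hosts in under three minutes, while `carol` (two hosts, hours apart) and `bob` (one RDP session) stay quiet; the Pass-the-Hash heuristic fires once on WS01. In practice the two alerts are correlated: the `seclogo` logon on WS01 at 10:00 followed by NTLM network logons from WS01's address is far stronger evidence than either event alone.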

Related terms

APT (Advanced Persistent Threat)
Privilege Escalation
SIEM (Security Information and Event Management)
EDR (Endpoint Detection & Response)