ExtraHop Logo
Try ExtraHop
Menu iconX icon
  • Platformchevron right
  • Solutionschevron right
  • Modern NDRchevron right
  • Resourceschevron right
  • Companychevron right
User iconSign In
Contact Us

DETECTION OVERVIEW

Unconventional SMB Data Transfer

Risk Factors

It is both relatively easy and common for attackers to target file share servers. Unusual data transfers can be associated with risky activity such as sharing malicious files between compromised devices or data staging. Data staging is the process of collecting and preparing data for exfiltration. Depending on the sensitivity of the transferred files, the impact can be devastating if important, proprietary, or customer data is leaked.

The system might change the risk score for this detection.

Kill Chain

Actions on Objective

Risk Score

60

Next in Actions on Objective: Unconventional SSH Data Transfer

Attack Background

N/A

Mitigation Options

Restrict file share access to only authorized IP addresses and hosts

Add two-factor or multi-factor authentication

MITRE ATT&CK ID

What else can RevealX do for you?

View our Periodic Table of use casesArrow pointing right