Lateral Movement Definition & Meaning

Lateral movement, or lateral traffic, is a network attacker’s progression through a network once they have breached it. It is also known as east-west traffic, indicating horizontal progression through an already-breached network, in contrast with north-south traffic, which is the initial entry into the network. Lateral movement is challenging for organizations to track because once an attacker is inside the network, their traffic appears normal. It’s hard to distinguish an attacker from authorized users because the attacker has already gained access.

Reasons for lateral movement

Attackers can gain initial access to a network using:

  • Employee devices, particularly Internet of Things (IoT) devices. IoT devices have fewer security protocols than smartphones and computers. If an attacker accesses an IoT device that connects to the company network, they may then be able to work their way into the network.
  • Company email. Social engineering heavily relies on fraudulent emails, which might ask an employee for their credentials or include malware. Once the attacker has that information, they can proceed into the network as a trusted user.
  • Malicious software installed on a company computer. If an attacker convinces an employee to click a link, malware could be installed on that computer and then give the attacker a pathway into the network.

Traditional network security doesn’t handle lateral movement well because it doesn’t have good methods of protecting the inside of the private network. Everyone who is allowed through the firewall at the perimeter can then meander through the network at their leisure. This also makes it harder for organizations to find a threat once it’s inside, especially if the attacker has stolen an employee’s credentials. Sorting through all of the data both manually and efficiently is impossible for most IT teams.

Combatting lateral movement with XDR

In traditional network security solutions, separate software and systems are not centralized: they’re siloed. It’s more difficult for a business to manage its network security when multiple applications are analyzing data. A centralized threat detection and response solution that can analyze all the data and notice patterns is a better way to monitor a network.

Extended detection and response (XDR) is one of the best choices for large organizations because it removes the silos between security solutions. XDR monitors all the data from applications and servers. An XDR solution includes automation, which saves IT and engineering teams time.

Some XDR solutions implement machine learning, which studies patterns in data and eventually learns to notice anomalies and prioritize alerts to technology teams, similar to user and entity behavior analytics (UEBA). If trained sufficiently, machines can interpret words and also their context to better understand a situation. If a certain computer, account, or server behaves unusually, a good network detection and response solution will notice that and take proactive measures to find the cause. XDR does not just detect threats but also tracks them and addresses them quickly.
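The behavior-based idea above can be shown with a small baseline check. This is an added example, not taken from any XDR product: it flags an account that suddenly logs on to several internal hosts it has never used before, which is how east-west movement with stolen credentials tends to stand out. The log records, host names, and threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: (day, account, source_host, destination_host) internal logons.
# Days 1-3 are the baseline period; day 4 is the day under review.
EVENTS = [
    (1, "alice", "ws-12", "files-01"), (1, "bob", "ws-07", "mail-01"),
    (2, "alice", "ws-12", "files-01"), (2, "alice", "ws-12", "mail-01"),
    (2, "bob", "ws-07", "mail-01"),
    (3, "alice", "ws-12", "files-01"), (3, "bob", "ws-07", "files-01"),
    (4, "alice", "ws-12", "files-01"), (4, "alice", "ws-12", "wiki-01"),
    (4, "bob", "ws-07", "db-01"), (4, "bob", "ws-07", "db-02"),
    (4, "bob", "ws-07", "hr-01"), (4, "bob", "ws-07", "dc-01"),
]

def build_baseline(events, last_baseline_day):
    """Map each account to the destination hosts seen during the baseline."""
    seen = defaultdict(set)
    for day, account, _src, dst in events:
        if day <= last_baseline_day:
            seen[account].add(dst)
    return seen

def new_host_fanout(events, baseline, review_day):
    """Per account, destinations on review_day that are absent from its baseline."""
    fresh = defaultdict(set)
    for day, account, _src, dst in events:
        # An account with no baseline at all treats every host as first-seen.
        if day == review_day and dst not in baseline.get(account, set()):
            fresh[account].add(dst)
    return fresh

def flag_accounts(events, last_baseline_day, review_day, threshold=3):
    """Return {account: sorted new hosts} for accounts reaching the threshold.

    The threshold is an assumed tuning value: one new host is common for
    legitimate users, while a burst of new hosts is the unusual behavior.
    """
    baseline = build_baseline(events, last_baseline_day)
    fresh = new_host_fanout(events, baseline, review_day)
    return {a: sorted(h) for a, h in fresh.items() if len(h) >= threshold}

if __name__ == "__main__":
    for account, hosts in flag_accounts(EVENTS, 3, 4).items():
        print(f"{account}: {len(hosts)} first-seen internal hosts -> {hosts}")
```

Each individual logon in the sample is a valid, authenticated session; only the comparison against the account's own history separates bob's day-4 activity from alice's.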

Zero trust and microsegmentation are other technologies designed to limit access in the event of a breach or stolen credentials.






Jenna Phipps
Jenna Phipps is a contributor for websites such as Webopedia.com and Enterprise Storage Forum. She writes about information technology security, networking, and data storage. Jenna lives in Nashville, TN.
