Lateral Movement is the expansion of control over network resources by the Adversary following the initial breach.
Once the first endpoint is compromised, the Adversary uses techniques to acquire information about network systems that enable them to access and control additional endpoints remotely, without necessarily requiring any additional tools, such as a remote access tool.
The compromise and control of one endpoint then leads to the extension of control over numerous endpoints within a network. Once resources are lost to the Adversary via Lateral Movement, the enterprise is on its own to re-establish control over them.
Lateral Movement can lead to systemic damage, data theft and the ransoming of critical data.