What Is Living Off The Land?

Living Off The Land (LOTL) could mean you hunt for your food, maybe fish for it, or it may mean you harvest the local flora and fauna in the area to sustain life. And let us not forget funga. But stay clear and do not eat the bad ones.

Speaking of “bad ones”, LOTL has a different meaning in the technology ecosystem. Living off the Land, in this scenario, means threat actors can use the native computer tools within your system to sustain and advance an attack to completion. Completion? This may be the theft of your money, it may be to gain a competitive advantage in the business environment, or it may be politically motivated, just to name three possible motivating reasons. Regardless of the term “completion”, the result is not favorable for us.

3 Helpful Native Tools

Annotated below are three native tools that are very helpful to a Managed Service Provider, but can also levy a damaging payload if used for the wrong reasons by the threat actors.

File Transfer Protocol (FTP)

Standard network protocol used for the transfer of files from one host to another over a TCP-based network, such as the Internet.  File Transfer Protocol works by opening two connections that link computers trying to communicate with each other.

PowerShell

PowerShell is a cross-platform task automation solution made up of a command-line shell, a scripting language, and a configuration management framework. PowerShell runs on Windows, Linux, and macOS.

Windows Management Instrumentation (WMI)

Windows Management Instrumentation is the infrastructure for data management and operations on Windows-based operating systems.

All three tools are very powerful and used by technologists nearly every day as part of their network management efforts. Very routinely, these tools must be used when a Graphic User Interface (GUI) is not available. And because all this is performed through scripting and “under the hood”, malicious changes can be devastating and difficult to identify and eradicate.

Living off the Land sounds like a fun adventure if you are truly an outdoors person. But LOTL in the technology world can come with a lot of pain when native tools are used against us. Contact ION Technology Group at 1.856.719.1818 to learn more about raising your technology shields and protecting your valuable assets – your data.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Man walking up staircase of books. Learning IT from Ion TechnologyAnatomy of a Cyber Attack: Understanding Cyber Threat Actors by ION Technology Group