LATERAL MOVEMENT

Lateral movement is the process of moving from one system to another within the same network environment. It enables operators to expand their reach, escalate privileges, and move closer to high-value targets (HVTs) while maintaining a low profile and blending in with legitimate activity. The technique often relies on harvesting credentials, exploiting trust relationships, or abusing legitimate administrative tools to move through the environment without triggering security defenses. Think of lateral movement as hopping between machines using valid (or hijacked) access.
