Get Help Now

From the Cybersecurity News Desk

Marriott Data Breach Impacting Over 344 Million Could Have Been Mitigated with Threat Hunting

A recent report shows that it takes organizations an average of 280 days to identify and contain a data breach, but organizations can’t afford to wait this long.

Back in 2018 Marriott suffered a significant data breach. Hackers had access to systems for over 4 years before detection.  339 million guest data records were exposed.  A second data breach happened in 2020, going undetected for over a month with another 5.2+ million guest records being exposed.

We here at GreyCastle Security have witnessed first-hand similar incidents that could have been avoided had a client implemented some form of threat hunting into their cybersecurity programs. The following were indicators of compromise from a real-world incident where data exfiltration occurred. This activity was observed to take place prior to data exfiltration and would have been noticed with regular threat hunting processes.

  • New use of a privileged account which had been dormant for months
  • Installation of unrecognized software on multiple systems
  • Use of unauthorized file transfer software on a file sever
  • Use of network scanning tools
  • The presence of various remote access tools, some of which were unused

What Is Threat Hunting?

Threat Hunting is a proactive method of containing advanced threats before they create harm.  Detection and protection are no longer enough to thwart all attacks as a sustainable strategy. Here is why threat hunting is an important additional approach:

  • 52% of organizations say threat hunting found previously undetected threats
  • 74% of those who threat hunt indicate they have reduced their attack surface significantly
  • 59% indicate enhanced speed and accuracy of response by using threat hunting

What’s our Approach?

At GreyCastle Security, our Threat Hunting team provides insight into attack methodologies used by adversaries, ensuring organizations stay ahead off evolving threats.

  • We scope the data sets that will be used in an investigation. Hunts can branch from various starting points
  • We proactively and iteratively search through network and endpoint data to detect and isolate advanced threats that evade more traditional security solutions

We seamlessly pivot from hunting to forensic analysis in order to disrupt adversaries before they execute their attacks

See How We Can Help!

Fill out this form and we’ll be in touch shortly

    Number of Employees - select one:
    Industry - select one:

    Through our comprehensive approach to cybersecurity, we’ll use solutions such as threat hunting to help ensure your organization is protected against evolving threats.


    Be Proactive with Penetration Testing

    We can reveal if there are weaknesses in your systems.

    Threat Hunting

    Identify threats within an organization’s environment that might not be detected by standard tools

    Cybersecurity Incidents Happen

    Plan, prevent, and mitigate with our incident response team.

    View expert analysis on the latest threats 

    Finding qualified security professionals can be difficult and costly.

    Ours are the best. Put them to work for you.

    Contact Us
    Privacy Settings
    We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
    Consent to display content from - Youtube
    Consent to display content from - Vimeo
    Google Maps
    Consent to display content from - Google
    Consent to display content from - Spotify
    Sound Cloud
    Consent to display content from - Sound
    Contact Us