
Unusual excessive traffic requiring investigation

ID: unusual_high_traffic_volume
Data type: IP
Severity: Low
MITRE ATT&CK: TA0010:T1048

Description

AlphaSOC detected an unusually high volume of network traffic, which may indicate a data exfiltration attempt by threat actors. Adversaries often use alternative protocols to steal large amounts of data while evading detection.

Impact

This pattern could signal an ongoing data exfiltration attempt. Adversaries may use alternative protocols to bypass traditional security controls and maintain persistence on the network.

Severity

| Severity | Condition |
| --- | --- |
| Low | Unusual high volume of traffic requiring investigation |

Investigation and Remediation

Investigate the high-volume traffic and check for signs of compromise. If unauthorized activity is confirmed, isolate affected systems and terminate malicious connections.