Unusual excessive traffic requiring investigation
Description
AlphaSOC detected an unusually high volume of network traffic, which may indicate data exfiltration attempt by threat actors. Adversaries often use alternative protocols to steal large amounts of data while evading detection.
Impact
This pattern could signal an ongoing data exfiltration attempt. Adversaries may use alternative protocols to bypass traditional security controls and maintain persistence on the network.
Severity
Severity | Condition |
---|---|
Low | Unusual high volume of traffic requiring investigation |
Investigation and Remediation
Investigate the high-volume traffic and check for signs of compromise. If unauthorized activity is confirmed, isolate affected systems and terminate malicious connections.