An advanced persistent threat (APT) is a broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data.
The targets of these assaults, which are very carefully chosen and researched, typically include large enterprises or governmental networks. The consequences of such intrusions are vast, and include:
- Intellectual property theft (e.g., trade secrets or patents)
- Compromised sensitive information (e.g., employee and user private data)
- The sabotaging of critical organizational infrastructures (e.g., database deletion)
- Total site takeovers
Executing an APT assault requires more resources than a standard web application attack. The perpetrators are usually teams of experienced cybercriminals with substantial financial backing. Some APT attacks are government-funded and used as cyber warfare weapons.
APT attacks are very different from traditional web application threats, because:
1. They’re significantly more complex.
2. They’re not hit and run attacks—once a network is infiltrated, the perpetrator remains in order to attain as much information as possible.
3. They’re manually executed (not automated) against a specific mark, rather than indiscriminately launched against a large pool of targets.
4. They often aim to infiltrate an entire network, as opposed to one specific part.
A successful APT attack can be broken down into three stages:
1) network infiltration,
2) the expansion of the attacker’s presence and
3) the extraction of amassed data—all without being detected.
APTs are also stealthy, often playing the long game. The recently discovered DarkHotel attack, which remained undetected for an estimated seven years, is a prime example.
If you combine the five approaches shown in the graphic, you can help security teams identify attacks quickly. These approaches will help you a great deal in remediating intrusions and avoiding potential losses…
This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so passionate about the Cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about Cybersecurity on her website and on social media platforms.
More than 34,000 professionals follow her on Facebook, drawn by the quality of the content in her posts.