To truly examine how APT “spells out”, let’s see what each word in this term means, in context:

Advanced:

  • Using latest techniques
  • Using multiple methods, tools and techniques
  • Brute force vulnerability discovery

Persistent:

  • Targeted diligence
  • Long-term access to the target
  • Dormant potential 

Threat: 

  • Specific objective
  • Skilled actors 


Such a devastating attack can lead to a number of consequences, including:

  1. Intellectual property theft
  2. PII theft
  3. Obtaining reconnaissance data
  4. Data breach
  5. Data destruction
  6. Access to sensitive communications

Cybercriminals have figured out how to evade detection by bypassing traditional defenses. Using toolkits to design polymorphic threats that change with every use, move slowly, and exploit zero-day vulnerabilities, the criminals have broken in through the hole left by traditional and next-generation firewalls, IPS, anti-virus and Web gateways.

This new generation of organized cybercrime is persistent, capitalizing on organizational data available on social networking sites to create very targeted 'phishing' emails and malware aimed at the types of applications and operating systems (with all their vulnerabilities) typical in particular industries.

Once inside, advanced malware, zero-day and targeted APT attacks will hide, replicate, and disable host protections.

After an APT installs itself, it dials home to its command and control (CnC) server for further instructions, which could be to steal data, infect other endpoints, allow reconnaissance, or lie dormant until the attacker is ready to strike. Attacks succeed in this second communication stage because few technologies monitor outbound malware transmissions. Administrators remain unaware of the hole in their networks until the damage is done.
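Because the dial-home stage relies on nobody watching outbound traffic, one practical defensive check is to look for internal hosts that contact the same external destination at suspiciously regular intervals. The script below is an added illustration, not code from the original article; the log format, sample lines and thresholds are assumptions.

```python
"""Beacon detection over an outbound-connection log (illustrative example).
Flags src->dst pairs whose connection gaps are nearly constant, which is
typical of implants polling a CnC server. Log format is assumed."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample log: "<ISO timestamp> <internal src> <external dst>"
SAMPLE_LOG = """\
2024-03-01T10:00:00 10.0.0.5 203.0.113.7
2024-03-01T10:00:03 10.0.0.9 198.51.100.20
2024-03-01T10:05:01 10.0.0.5 203.0.113.7
2024-03-01T10:07:44 10.0.0.9 198.51.100.21
2024-03-01T10:10:02 10.0.0.5 203.0.113.7
2024-03-01T10:12:10 10.0.0.9 198.51.100.20
2024-03-01T10:14:59 10.0.0.5 203.0.113.7
2024-03-01T10:20:00 10.0.0.5 203.0.113.7
2024-03-01T10:31:30 10.0.0.9 198.51.100.20
"""

def parse_log(text):
    """Return {(src, dst): [epoch seconds, ...]} from the assumed log format."""
    flows = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst = line.split()
        flows[(src, dst)].append(datetime.fromisoformat(ts).timestamp())
    return flows

def find_beacons(flows, min_hits=4, max_jitter=0.1):
    """Return {(src, dst): period_seconds} for pairs with regular gaps.
    max_jitter is the allowed coefficient of variation (stdev / mean) of
    the gaps; real implants add jitter, so tune it to your environment."""
    suspects = {}
    for pair, times in flows.items():
        if len(times) < min_hits:          # too few contacts to judge
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            suspects[pair] = round(avg)
    return suspects

if __name__ == "__main__":
    for (src, dst), period in find_beacons(parse_log(SAMPLE_LOG)).items():
        print(f"possible beacon: {src} -> {dst} every ~{period}s")
```

In the constructed sample only 10.0.0.5 -> 203.0.113.7 is flagged (roughly every 300 s); the irregular, infrequent contacts from 10.0.0.9 are not.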

APTs can be characterized by the attackers' quest to gain long-term control of compromised computer systems. Whether attackers use viruses, Trojans, spyware, rootkits, spear phishing, malicious email attachments or drive-by downloads, their malware enables either simple disruption or long-term control of compromised machines.

APTs can be nation-state or rogue actors using completely unknown malware, or buying access to systems previously compromised with known malware installed through social engineering, spear phishing, or drive-by downloads.

This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so passionate about the Cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about Cybersecurity on her website and on social media platforms.

34,000+ professionals follow her on Facebook and are impressed by the quality of her posts there.
