To truly examine how APT “spells out”, let’s see what each word in this term means, in context:
Advanced:
* Using latest techniques
* Using multiple methods, tools and techniques
* Brute force vulnerability discovery
Persistent:
* Targeted diligence
* Long-term access to the target
* Dormant potential
Threat:
* Specific objective
* Skilled actors
Such a devastating attack can lead to a number of consequences, including:
~~) Intellectual property theft
~~) PII theft
~~) Obtaining reconnaissance data
~~) Data breach
~~) Data destruction
~~) Access to sensitive communications
Cybercriminals have figured out how to evade detection by bypassing traditional defenses. Using toolkits to design polymorphic threats that change with every use, move slowly, and exploit zero-day vulnerabilities, the criminals have broken in through the hole left by traditional and next-generation firewalls, IPS, anti-virus and Web gateways.
This new generation of organized cybercrime is persistent, capitalizing on organizational data available on social networking sites to create very targeted 'phishing' emails and malware targeted at the types of applications and operating systems (with all their vulnerabilities) typical in particular industries.
Once inside, advanced malware, zero-day and targeted APT attacks will hide, replicate, and disable host protections.
After an APT installs itself, it dials home to its command and control (CnC) server for further instructions, which could be to steal data, infect other endpoints, allow reconnaissance, OR lie dormant until the attacker is ready to strike. Attacks succeed in this second communication stage because few technologies monitor outbound malware transmissions. Administrators remain unaware of the hole in their networks until the damage is done.
APTs can be characterize by the attackers’ quest to gain long-term control of compromised computer systems. Whether attackers use viruses, Trojans, spyware, rootkits, spear phishing, malicious email attachments or drive-by downloads; their malware enables the simple disruption or long-term control of compromised machines.
APTs can be nation-state or rogue actors using completely unknown malware or buying access to systems previously compromised with known malware installed through social engineering, spear phishing, or drive-by downloads.
___________________________
#cloudsecurity #computers #Cyber #cyberattack #Cybersecurity #cybersecurityawareness #cybersecuritythreats #cybersecuritytraining #cyberthreats #datasecurity #EthicalHacking #hacked #Hackers #Hacking #infosec #iot #IT #itsecurity #KaliLinux #linux #malware #networking #pentesting #privacy #ransomeware #security #technology #computersecurity #computerscience #wifi
Comments