Introduction
Advanced Persistent Threats (APTs) are a growing concern because they threaten an organization’s intellectual property, financial assets and reputation. In some cases, these threats target critical infrastructure and government institutions, thereby threatening a country’s national security itself. Defensive tools and other controls are frequently rendered ineffective because the actors behind the intrusion are focused on a specific target and quickly adapt their methods to anticipate and circumvent security controls and standard incident response practices. As a result, an effective and efficient defence strategy requires good situational awareness and understanding.
What are Advanced Persistent Threats?
Advanced Persistent Threat (APT) refers to a long-term pattern of targeted hacking attacks that use subversive and stealthy means to achieve continual, persistent exfiltration of intellectual capital. The entry point for espionage activities is often the unsuspecting end-user or weak perimeter security. Before an APT attack is crafted, extensive research is done using social media sites and publicly available documents on the organization, its processes, its technology and its people.
The defence doctrine in the case of APTs must change from “keeping attackers out” to “sometimes attackers are going to get in; detect them as early as possible and minimize the damage.”
Source: http://www.symantec.com/theme.jsp?themeid=apt-infographic-1
For a more comprehensive discussion on APTs, please visit our detailed article below. Also visit the Resources section for more write-ups.