My Article on Advanced Persistent Threat Posted
My article "Understanding the Advanced Persistent Threat" provides an overview of APT. It's the cover story in the July 2010 Information Security Magazine. From the article:
The term advanced persistent threat, or APT, joined the common vocabulary of the information security profession in mid-January, when Google announced its intellectual property had been the victim of a targeted attack originating from China. Google wasn't alone; more than 30 other technology firms, defense contractors and large enterprises had been penetrated by hackers using an array of social engineering, targeted malware and monitoring technologies to quietly access reams of sensitive corporate data.
Google's public admission put a high-profile face on targeted attacks and the lengths attackers would go to gain access to proprietary corporate and military information. It also kicked off a spate of vendor marketing that promised counter-APT products and services that have only served to cloud the issue for security managers and operations people.
In this article, we'll define APT, dispel some myths and explain what you can do about this adversary.
Comments
I especially like the section towards the end regarding getting that knock on the door from the FBI versus soliciting them for a briefing.
My recommended solution for dealing with APT: Connectivity auditing!
Cheers
Quacks like a duck, walks like a duck.....
APT, why not China....no wonder there is confusion