May 06, 2013
Advanced Persistent Threats: The New Reality
There’s a lot we know about advanced persistent threats, but there’s a lot we don’t know. This is due in large part to the complexity of the attacks and the stealth of the attackers.
Our knowledge about APTs is growing, but, unfortunately, that’s because the attacks themselves are growing in frequency. Criminals using APTs want data, so the more valuable an organization’s data, the more likely it is to be targeted. Government agencies and organizations in industries such as finance, energy, IT, aerospace, and chemical and pharmaceuticals are the mostly likely to be the victims of APT infections, as are those involved in international trade. Users and organizations with access through business relationships to valuable data, such as smaller defense contractors, are also beginning to be targeted. And the use of watering hole attacks may be heralding a change in tactic to mass infections, which are then sifted for any potentially interesting targets. Criminals are less likely to target organizations running critical infrastructure, but attempted APT-type attacks by hactivists and nation-states are on the increase. Any organization running industrial control systems linked to the Internet is at risk. Administrators of some systems may be unaware that their systems are connected to the Internet, while systems installed some years ago, when cybersecurity was less of an issue, may not be adequately protected from attack.
To protect your organization against APTs, it’s important to know what an APT is — and what it isn’t. In this Dark Reading report, we examine the history of the attacks in the context of what’s happening today, analyze the ways in which the attacks are perpetrated, and provide recommendations for knowing when such an attack is an imminent threat for your organization. (S6920513)