Cyber Security – APT – Advanced Persistent Threats – Capture Phrase…

…from here [The bolding is mine]:

Unlike traditional malicious attacks that occur over a number of minutes (days to weeks at most) and result in a demonstrable system payload, APTs are far more subtle. There is no single event to indicate compromise; the threat is made up of a number of small activities occurring over a long period of time, often up to 18 months.

The challenge facing security experts is that many of these small activities will not raise any alerts. APTs often include a degree of social engineering, with malicious individuals getting information from phone calls or looking up web addresses as a starting point for finding creative ways to gain access to systems, or they use people within the organisation to plant malware components within the system.

These small actions will not stand out from the millions of events occurring on an IT infrastructure every day – they get lost in the crowd. Even if they are noticed, they may be viewed as low risk when compared with traditional security threats, but in the era of APT these low-key events need to be considered differently.

Is there a trend in activity? Could this action actually provide a route into other company assets, such as financial information or intellectual property? Is this small event part of a larger scheme?

What does that sound like sort of? Hmm…
