Cybercrime is one of the most severe threats facing businesses and government agencies today. The Ponemon Institute calculated that the average annual cost of cyber crime across 56 organizations in 2012 was $8.9 million. This number has undoubtedly increased over the past five years. The institute also revealed that two-thirds of organizations admitted that their own defenses were insufficient to thwart a targeted cyber attack. This raises a serious question:If organizations know that cyber crime is increasing, why do they still not have sufficient defense protocols in place to protect themselves?
There are numerous types of cyber attack methods that criminals use, such as Trojan horses, worms, viruses, and malware. A growing trend among organized crime outfits and professional cyber crime groups is the utilization of Advanced Persistent Threats (APT). APTs are exactly what they sound like, they are a threat that is advanced and persistent. These targeted and sophisticated cyber attacks do not cease until their intended objective is reached.
APTs have key characteristics that separate them from more common cyber attacks. The groups that coordinate APT attacks are highly trained and well-resourced, which allows them to create opportunities to achieve their objectives using multiple attack techniques. Using various methods of attack allows hackers to deceive their target by camouflaging the real threat among a series of other cyber intrusions. The objective of this type of attack is to establish a foothold within the IT infrastructure of the targeted organization,allowing the attacker to steal information, undermine or impede critical aspects of a network, or position themselves to carry out their objectives in the future.
APTs also enable the attacker to switch objectives mid-attack. For example, a cyber criminal might start by stealing confidential product information, release that information to the general public, then decide to resort to more aggressive attacks to directly affect the victim’s ability to operate.
An Advanced Persistent Threat attack pursues its objective repeatedly over an extended period of time. What makes these attacks so dangerous is their ability to switch objectives, and overcome any defenses it may come up against by adapting and changing their attack styles.
Due to the intense nature of these cyber attacks and the skilled individuals who produce them, it is very difficult for governments and businesses to employ an effective defense strategy to protect themselves. Coordinating this defense effort takes a specialist with advanced skills and technological know-how. It is vital that organizations hire experts who are capable of providing intelligent risk assessments and monitoring, and who are equipped with state-of-the-art forensic analysis skills.
The best strategy to protect yourself from an APT attack is to implement multiple defense mechanisms. For instance, stronger firewalls, passwords, and a multi-layer authentication process will help keep your information safe. It should be noted that these mechanisms do not guarantee complete safety from APT attacks, but they will greatly reduce an attacks rate of success.
Having a cyber breach preparedness program in place to help deal with a breach will also help you to defend your network. A cyber breach program will allow you to detect a breach quickly and counter the attack more effectively, minimizing the damage.
At Wilson Consulting Group (WCG) our cyber intelligence service minimizes threats to your system, alerts users of suspicious network activity, and stops such activities.We are capable of protecting your network from APT attacks by supplying real-time threat detection, prevention, privilege user monitoring, and integrated file integrity monitoring plans. Privilege user monitoring will help identify improper and unsafe access of unauthorized and compromised credentials. Our integrated file integrity monitoring is able to detect suspicious access, deletion and modification to confidential data.
The WCG team recommends that you vigorously monitor your network for suspicious activity. Keep in mind that APT attacks can take place over the span of months, so the sooner you catch suspicious behavior on your network, the better chance you have of protecting your organization from cyber attacks.
Advanced Persistent Threats How to Manage the Risk to Your Business-ISACA