Defending the Enterprise Against Advanced Persistent Threats (APTs)

The threat landscape has seen the rise of hacktivism and the quest for greater profits from crime. This has given rise to advanced persistent threats (APTs), one of the most covert targeted attacks employed by cybercriminals.

This method is predominantly used over an extended period to steal highly sensitive data or to weaken or immobilize the intended target. For a targeted company, this can translate to losses of millions of dollars, trade secrets and competitiveness.

Many organizations have fallen victim to these attacks, including global technology firms, financial services, military and defense entities. The threat actors typically include state-sponsored groups and cyber mercenaries. Different means are used to infiltrate the targeted networks, such as social engineering and malware that exploits zero-day vulnerabilities. However, based on recent APT trend reports, these groups are utilizing supply chain attacks, masquerading as legitimate software and exploiting backdoors into critical software. Despite the predominantly targeted nature of APTs, the range of victims underlines that no industry or enterprise is immune.

In the last two decades, there have been a number of prominent APTs (for example, those identified in Table 1) which have undermined the security controls of many well-established organizations. The methods used in these APTs underline their incendiary nature.

Table 1: Examples of APTs

| APT | Characteristics | Targets | Impact |
|---|---|---|---|
| Titan Rain | Exploited social engineering attacks on selected individuals; known to be ongoing for at least 3 years | US defense contractors, including Lockheed Martin, Sandia National Labs, Redstone Arsenal, and NASA | Undisclosed, but likely losses of sensitive data and company secrets |
| Stuxnet | First malware to subvert industrial process systems; contained four different zero-day exploits; programmed to erase itself on a specific date | Specifically targeted Siemens industrial software and equipment, and contained safeguards to limit the spread of the infection | Substantial damage to critical infrastructure, i.e. the centrifuges at the Natanz nuclear enrichment laboratory in Iran |
| Operation Aurora | Targeted and modified source code repositories; the series of attacks lasted several months | Technology companies, including Google, Adobe Systems and Juniper Networks; financial services, defense contractors, security vendors and energy services companies | Large quantities of intellectual property stolen, resulting in substantial losses in competitiveness |