Tuesday, March 20, 2012

Security: Know your APT

Advanced Persistent Threats (APTs) have been estimated to grow faster than other technologies. APTs are part of the classified category of cybercrime directed at business at large and/or political targets. To be successful, they are built for a high degree of stealthiness over a prolonged duration of operation, with a fixed goal of remaining invisible as long as possible. As such, APT operators tend to focus on “low volume” attacks that, over time, cover a large area: they crawl stealthily from one host to the next as each is compromised, taking care to avoid generating regular or predictable network traffic. Damballa predicts that the volume of persistent attacks directed at large corporations will continue to increase and the victims will continue to feel as though they have been specifically targeted in the year 2012. McAfee is clear in commenting that solutions in silos don’t enrich each other with relevant data and introduce greater complexity to analysis and remediation, giving the advantage to the perpetrators of the APT.


APTs are designed with twofold goals. They are used to steal information and achieve economic, political and strategic supremacy. They also establish entry to, maintain and occupy their target’s environment, as a force they can call upon at any time. They are designed to easily defeat normal defense systems: they successfully evade anti-virus software, network intrusion detection and under-equipped incident responders. APTs are designed for combat as remote-controlled insurgents, and they conceal themselves with sophisticated techniques apart from hiding malware on their target’s own hosts.

Emerging technologies are, to a certain extent, useful in managing the risk of APTs:
1. Dynamic Virtualization
2. Adaptive Analytics
3. Cybercrime Intelligence

--- Know Your Network
