How To Detect And Defend Against Advanced Persistent Threats

[Excerpted from "Detecting and Defending Against Advanced Persistent Threats," a new report posted this week on Dark Reading's Advanced Threat Tech Center.]

One of the most insidious cyberthreats is the one that lies in wait. These exploits, commonly known as advanced persistent threats, are sophisticated, custom exploits with the express objective of gaining access to a targeted system and remaining undetected for an extended period of time.

An APT’s success requires considerable resources and expertise — hence the term “advanced.” “Persistent” doesn’t mean a continual barrage of attacks launched in the hope that one may succeed, but instead the relentless pursuit and development of a successful attack methodology. These exploits are developed by skilled, motivated, organized and well-resourced programmers working with a well-defined road map. These attacks can take many months to develop and even longer to successfully deploy.

The concern about APTs is increasing because of an escalating number of incidents and the severity and extent of the damage they cause. Cisco Security Intelligence Operations has reported a significant increase in the number of unique instances of malware it’s finding, an indication of APTs under development or being deployed. And although big and well-armed companies such as Google, RSA, Sony, and Lockheed Martin have been hit, there are signs that APTs may be going after smaller and less well-protected organizations to get to their eventual targets.

To combat the threat of APTs, it’s important to understand the different phases of an APT attack and the defenses required for each.

To read about the six phases of an APT -- and potential defenses that your organization can employ in each phase -- download the free report on how to detect and defend against APTs.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.