
Data Loss mailing list archives

What is an Advanced Persistent Threat?
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 9 Jul 2014 19:08:58 -0600


If you’ve ever seen a movie where the bad guys are using ongoing, invasive
hacking to spy on their “enemy,” you have some familiarity with an advanced
persistent threat (APT).

This term usually refers to an attack carried out by a group that targets a
specific entity using malware and other sophisticated techniques to exploit
vulnerabilities in the target’s systems. It is often done for intelligence
gathering with political, financial or business motives.

For example, an APT aimed at a corporation could take the form of
Internet-based malware that is used to access company systems, or a
physical infection, such as malicious code uploaded to the system via a USB
drive. These kinds of attacks often leverage trusted connections, such as
employees or business partners, to gain access and can happen when hackers
use spear phishing techniques to target specific users at a company.

Remaining undetected for as long as possible is a main objective with these
attacks. It is their goal to surreptitiously collect as much sensitive data
as they can. The “persistent” element implies that there is a central
command monitoring the information coming in and the scope of the

Even though APTs are not usually aimed at individuals, you could be
affected if your bank or another provider you use is the target of an
attack. For example, if attackers secretly gather intelligence from your
bank, they could get access to your personal and financial information.

Since you could potentially be affected by an APT attack on an entity or
company that you do business with, it’s important that you employ strong
security measures.

- Use a firewall to limit access to your network.
- Install comprehensive security on all your devices, like McAfee LiveSafe™
service, since malware is a key component in successful APT attacks.
- Don’t click on attachments or links you receive from people you don’t
- Keep your personal information private. Be suspicious of anyone who asks
for your home address, phone number, Social Security number, or other
personal identifying information. And, remember that once you share
personal information online it’s out of your control.
- Check to see if the websites you share sensitive information with use
two-factor authentication. This is a security technique that uses something
that you know, such as your password, and something you possess, such as
your phone, to verify your identity. For example, your bank may ask for
your password online, as well as a code that it has sent via text message
to your phone. This is a 2nd layer of protection and should be enabled for
sensitive information.
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 


