Three things you need to know about Advanced Persistent Threats – like, yesterday.

To this day, Invasion of the Body Snatchers bothers me, likely because the idea that enemies are not always easily identified and can end up being people you least expect triggers some of my most basic fears. We can debate the merits of its place in cinematic history; however there is no debate that something along this same storyline is playing out in cyberspace today.

Looking for ways to upgrade your network security?
Check out our security solution guide.

Advanced Persistent Threats (APT), which is one of our key terms you should know for 2013, are on the rise in every country and in every industry. Consequently, it’s a term that is getting lots of attention in the press and social media. However, as data from a recent report from ISACA suggests, many businesses do not understand the complexity or scope of this category of threat. Therefore, here are three things you need to know about APTs:

They’re not your average threat.

The ISACA survey revealed that over half of all respondents did not perceive that APTs are any different from more common threats.  The truth is, of course, that they are.

  • They’re sophisticated.  They are coordinated by people with very specific objectives and the ability to gather material data about their target from multiple sources, meaning the attack will be highly targeted.
  • They’re tailor-made for the victim (or at least appear to be).  APTs typically enter the network via familiar means, e.g. – your bank sends you a seemingly legitimate email with a URL in it asking you to verify your account.  Once you proceed, the attack is launched.
  • They’re persistent.  This indicates that the entity behind the attack is not likely a single individual. Rather, it’s a group with significant available means capable of continuously retargeting and reworking their attacks until their objective is breached.

They’re already here.

According to the ISACA survey, roughly 20% of respondents indicated they’d already been a target of an APT, with 60% saying they expected their business to be targeted soon.

That 60% is right.  All signs point to the rapid growth of APTs.  In fact, some analysts predict we’re already in the midst of the next wave of APTs wherein celebrities, CEOs, and political figures will be targeted for blackmail purposes.

You may not be as prepared as you think you are.

This same survey revealed that nearly 60% of respondents felt they were adequately prepared to respond to APTs, although nearly 90% of those respondents were using traditional methods to fend off attacks.  While having malware and anti-virus software installed on your devices is important, these traditional protection methods offer little resistance to the sophistication of an APT attack.  The question to ask yourself is this, “Is my network secure enough to withstand a year-long attack from the Chinese government?” (something a major media outlet can answer for you).  If you hesitated there, chances are the answer is, “No.”

For all these reasons, it’s critical that you review your enterprise’s 2013 security plan carefully and source partners that can help you bolster your defenses so that you’re not the next victim of an APT.  If you’re interested learning what a customized security solution can do for your business, check out our Security Solutions Quick Guide.

The following two tabs change content below.
Social and mobile marketer, blogger, cat owner, 'Law & Order' superfan, world traveler, history nerd, ice cream lover, and wordsmith. You should see my rap skills ... and my frequent flier miles.

One thought on “Three things you need to know about Advanced Persistent Threats – like, yesterday.

  1. Pingback: 13 Terms You’ll Google in 2013 - Beyond Bandwidth

Leave a Reply

Your email address will not be published. Required fields are marked *


five + = 6

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>