Advanced Persistent Threat (APT)
- Monday, June 21, 2010, 12:46
- Threat Research
APT, the Advanced Persistent Threat, is the buzzword that everyone is using. Companies are concerned about it, the government is being compromised by it, and consultants are using it in every presentation they give.
One of the main reasons organizations are broken into today is that they are fixing the wrong vulnerabilities. If you fix the threats of three years ago, you will lose. APT allows organizations to focus on the real threats that exist today.
While APT is important, we need to clear the smoke and hype, focusing on why it is important and what it means to you. Instead of just using it as a buzzword, if we understand the core components of APT, we can use it to improve our security. In APT, threat drives the risk calculation. Only by understanding the offensive threat will an organization be able to fix the appropriate vulnerabilities.
What is APT?
APT is the new way attackers are breaking into systems. APT is a sophisticated, mercurial way for advanced attackers to break into systems, avoid getting caught, and keep long-term access to exfiltrate data at will. The following are the important things to remember:
1) APT focuses on any organization, both government and non-government. Some people make the mistake of thinking that APT is only focused on the Department of Defense (DoD). When it comes to cyberattacks, the lines between government and commercial are blurring