Advanced Persistent Threats (APTs) are a parasitical form of
cyberattack that infiltrates systems to establish a foothold in the computing
infrastructure of target companies, from which attackers smuggle data and intellectual
property (CSA). APTs operate stealthily over extended periods of time and even adapt
to the security measures intended to defend against them. Common points of
entry include spear phishing, direct hacking attacks, USB devices preloaded with malicious
code, and compromised third-party networks. Once in place, APTs blend in with
normal traffic and move through data center networks undetected.

“Carbanak, a major advanced persistent threat (APT) attack
against financial institutions around the world, may be considered the largest
cyberheist to date… Unlike the usual cybercriminal method of stealing consumer
credentials or compromising individual online banking sessions with malware,
the brazen Carbanak gang targeted banks’ internal systems and operations,
resulting in a multichannel robbery that averaged $8 million per bank” (Kessem,
L. 2015).

According to the article, the main factor that let attackers
cause such damage was inadequate security controls. Internal core systems were
not well protected since banks didn’t expect an attack from within. The heist
started out slowly, with initial infiltration facilitated by spear phishing emails
and exploit-laden attachments that compromised employee endpoints with malware.

Although APT attacks can be difficult to detect and
eliminate, some can be stopped with proactive security measures. It is critical
that users be educated to recognize and handle social engineering techniques; therefore,
awareness programs should be regularly reinforced. IT departments should be
aware of the latest advanced attacks. Defending against APTs may require more
advanced security controls, process management, incident response plans and IT
staff training, which leads to increased security budgets. Organizations should
weigh these costs against the potential economic damage inflicted by successful
APT attacks.

Resources:

Kessem, L. (2015, February 23). Carbanak: How Would You Have Stopped a $1 Billion APT Attack? Retrieved from https://securityintelligence.com/carbanak-how-would-you-have-stopped-a-1-billion-apt-attack/

Cloud Security Alliance. (2016, February). The Treacherous 12 Cloud Computing Top Threats in 2016. Retrieved from https://downloads.cloudsecurityalliance.org/assets/research/top-threats/Treacherous-12_Cloud-Computing_Top-Threats.pdf