Cybercrime and espionage have cost companies over $500 Billionhttp://ctt.ec/12Ga3+" width="33" height="30" />in lost IP and untold lost jobs and productivity. The term ‘Advanced Persistent Threat’ was originally used by US Air Force security analysts to describe a particular actor behind a series of attacks. The term has evolved into a broader meaning, now encompassing the actor, the tools, and the process used to launch long-term campaigns. Unlike the ‘smash and grab’ approach used by Hacktivists, or the opportunistic ‘spray and pray’ approach used by low level or solo actors, APTs stem from well-funded, well organized adversaries, often backed by nation-state actors with long-term strategic goals.
>>Download Whitepaper on Controlling APT using Next-Gen Firewall
3 Distinguishing attributes of APT:
- Custom Tool and Payload
- Patient and Strategic
- Fatal Motive
What is Click Fraud?
Companies who advertise on the internet can get better ad placement by paying the host of their ad every time a user clicks on it. Click fraud schemes use automated methods of repeatedly clicking on a given advertisement to boost the revenues of the hosting site artificially. Click fraud is one of many ways that cyber-criminals can monetize their efforts.
>>Download Whitepaper on Controlling APT using Next-Gen Firewall
Most Famous APTs:
- APT1 - Compromise Chinese Military Activity
- Flame - Circulated in Middle Eastern Countries
- Operation Shady Rat- 2006 to 2011 McAfee
- Stuxnet - used to sabotage Iran's Nuclear program
Socially Engineered Attacks:
Here’s an exercise you can try at home: Google yourself or friend. Follow the links to Facebook, LinkedIn, YouTube or other personal sites. Look for connected family, friends, personal interests, recent travels, or employer information.With what you find, would you be able to impersonate someone well enough to get a known associate of that person to trust (and click) an emailed link? Some of the most notorious and impactful APTs have begun just this way. Socially
engineered attacks make use of publicly available information to snare users, often through spear-phishing emails.
>>Download Whitepaper on Controlling APT using Next-Gen Firewall
What are your views on the most notorious APTs? Share your views in the comments section below.
Comments