By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    Cross-Site Scripting: The Real WordPress Supervillain
    Cross-Site Scripting: The Real WordPress Supervillain
    12 months ago
    Beware of search toolbars
    12 months ago
    What is the Thunderstrike Mac OS X Firmware Bootkit?
    12 months ago
    Latest News
    Beware of scammers! Dangerous apps in the App Store
    2 days ago
    How To Limit Login Attempts on WordPress (+ Should You?)
    3 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (September 18, 2023 to September 24, 2023)
    3 days ago
    Two privilege escalation vulnerability in Simple Membership Plugin
    4 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Cloudflare Notification about increase in ransom DDoS threats
    12 months ago
    Windows 11 build 25169 outs with new features
    12 months ago
    How to enable Bluetooth on Windows 11
    12 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    8 months ago
    Now you can speed up any video in your browser
    8 months ago
    How to restore access to a file after EFS or view it on another computer?
    8 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    9 months ago
  • How To
    How ToShow More
    Detecting zero-days before zero-day
    Detecting zero-days before zero-day
    23 hours ago
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
    23 hours ago
    Network performance update: Birthday Week 2023
    Network performance update: Birthday Week 2023
    23 hours ago
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    Cloudflare now uses post-quantum cryptography to talk to your origin server
    2 days ago
    Privacy-preserving measurement and machine learning
    Privacy-preserving measurement and machine learning
    2 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    The most Important Shortcuts Keys For Computer
    12 months ago
    What’s new in Chrome 88
    12 months ago
    Windows 11 might get floating Taskbar similar to macOS
    9 months ago
    Latest News
    How to enable extensions for Google Bard AI
    2 days ago
    Window 11 Copilot: 10 Best tips and tricks
    2 days ago
    How to create AI images with Cocreator on Paint for Windows 11
    3 days ago
    How to install September 2023 update with 23H2 features for Windows 11
    4 days ago
  • Glossary
  • My Bookmarks
Reading: All You Need to Know About APTs
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

All You Need to Know About APTs

Vitus White
Last updated: 13 October
Vitus White 12 months ago
Share
7 Min Read

Nowadays, we talk a lot about malware that invades our daily activities. Some are more dangerous than others — whether they target private users or companies. Organizations are also threatened by attacks for their intellectual property, which is a key element in the functionality of a business. Advanced persistent threats (APTs) are amongst the most dangerous that exist in the computing world. During the RSA Conference 2013, held in Amsterdam, we met with Neil Thacker, Security Strategist at WebSense, Jaime Blasco, Director of Alien Vault Labs and Costin Raiu, Director of the Global Research and Analysis Team (GReAT) at Kaspersky Lab. With their help, we unraveled the characteristics of these attacks and the way organizations and individuals can protect themselves against them.

APT

Advanced Persistent Threats — quite an intimidating name, isn’t it? “Advanced” because the tools used in these attacks are more sophisticated than those usually used by cybercriminals. “Persistent” because once a breach is created in an organization, it can last for months or even for years in certain cases. These attacks mainly target companies. Nevertheless, home users are not safe either — you may not be an interesting target, but you still might be useful for cybercriminals who could then target your friend or a member of your family who holds an important position in a company. The damage caused by these attacks is much more important than the damage caused by simple malware — as Neil Thacker explained to us, “they use different vectors, different types of exploits, different types of vulnerabilities to access companies’ sensitive data”. However, you may be wondering, what do cybercriminals actually target with this type of attack?

The intellectual property, a major target

Most companies store their important data within their networks. Patents, innovative designs, models and even sensitive or confidential data — everything is stored there. The main target of APTs is intellectual property. Criminals identify an employee who has access to sensitive data — and preferably, someone who is not aware of all these security issues — in order to infiltrate the network and collect all the data that is stored on his/her computer. “If you have this kind of data within your company, you should be aware of these types of threats and put in place all the necessary means that exist nowadays to protect these intellectual properties,” Jaime Blasco warned. But criminals can go beyond espionage; they can cause serious damage and paralyze the entire functioning of the targeted company, as Costin Raiu, Director of Research at Kaspersky Lab, explains: “We had cases where these attacks caused direct damage to the activities of the company. For instance, the attack against Saudi Aramco, an oil company: 30,000 computers were paralyzed in a targeted attack in August last year. So yes, intellectual property is the most frequent target, but the paralysis of an entire network and therefore of all the activities of a company can also be an objective or consequence”. Now that we’ve established this fact, you are probably wondering how and with what tools companies can protect themselves from these attacks.

No silver bullet, but some means to fight back

The first thing to know is that, as our three experts explained, there’s no “silver bullet” solution. Nevertheless, each of them gave us some advice in order to minimize the risks as much as possible.

“You obviously need certain technologies to protect yourself from these threats, but for me, the solution is a combination of processes, technologies and human actions. Prevention and education are the most important factors.” -Jaime Blasco

There’s no magic recipe, but some behaviors and processes should be implemented according to Jaime Blasco: “You obviously need certain technologies to protect yourself from these threats, but for me, the solution is a combination of processes, technologies and human actions. Prevention and education are the most important factors.” Costin Raiu added that “studying the victims of APTs is also very useful. Doing so, we notice that 95% of these attacks target companies with security standards that are not strict enough. They don’t know the risks or the practices in terms of security, they don’t install the latest patches nor do they use antivirus software. And they get compromised. First of all, companies need to make sure they have the latest patches, the latest operating system and that they use a safe browser [such as Chrome or Firefox] with the latest patches installed. We also need to educate users. If you manage to gather all these ingredients, you will be better protected against targeted attacks.” As far as Neil Thacker is concerned, “it is also essential to educate certain employees.” This education must be given at all levels of the organization. Don’t underestimate cybercriminals, if you know about the risks and you’ve taken all the necessary precautions, they won’t hesitate to target some of your less cautious partners and use them to reach you.

To conclude, it is safe to say that the targeted attacks or APTs will keep on existing and expanding as long as companies have attractive data. There’s no miracle solution, but prevention and education within companies seems to be the first step towards increased security. Always keep in mind that 100% safety does not yet exist, therefore, you should always remain vigilant.


Source: kaspersky.com

Translate this article

TAGGED: Chrome, Firefox, Malware, RTF, Security, Software, Targeted Attack, Threat, Threats, Vulnerabilities
Vitus White October 13, 2022 October 7, 2022
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Detecting zero-days before zero-day
Detecting zero-days before zero-day
Apps 23 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps 23 hours ago
Network performance update: Birthday Week 2023
Network performance update: Birthday Week 2023
Apps 23 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps 2 days ago
Privacy-preserving measurement and machine learning
Privacy-preserving measurement and machine learning
Apps 2 days ago

You Might Also Like

Detecting zero-days before zero-day
Apps

Detecting zero-days before zero-day

23 hours ago
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Apps

See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan

23 hours ago
Cloudflare now uses post-quantum cryptography to talk to your origin server
Apps

Cloudflare now uses post-quantum cryptography to talk to your origin server

2 days ago
Privacy-preserving measurement and machine learning
Apps

Privacy-preserving measurement and machine learning

2 days ago
Show More

Related stories

How to upgrade to Windows 11 23H2 with Installation Assistant
How to install September 2023 update with 23H2 features for Windows 11
How to get the latest Windows 11 innovations
How to blur image background in Photos for Windows 11
How to download official Windows 11 23H2 ISO file
PHP Object Injection Vulnerability in Flatsome Theme

10 New Stories

Encrypted Client Hello – the last puzzle piece to privacy
Beware of scammers! Dangerous apps in the App Store
How to enable extensions for Google Bard AI
Reminder: Enable two-factor authentication wherever you have it. This business
​​Know exactly when your data is transferred to GoogleIn a world where our data is permanent
​​Fake correspondence with the iPhone interfaceIn a world where digital communication is
Previous Next
Hot News
Detecting zero-days before zero-day
See what threats are lurking in your Office 365 with Cloudflare Email Retro Scan
Network performance update: Birthday Week 2023
Cloudflare now uses post-quantum cryptography to talk to your origin server
Privacy-preserving measurement and machine learning
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?