Sunday, January 24, 2010

Advanced Persistent Threat

With the recent highly sophisticated attacks on Google and other commercial organisations, a new term has entered the cyber-security vocabulary: "Advanced Persistent Threat (APT)".

Consider this definition (source: [mandiant.com]):
The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base (DIB), financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from any other intruder. The main differentiator is the APT intruder’s perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus and they tend to generate more activity than wanton “drive by hacks” on the Internet. The intruders also escalate their tools and techniques as a victim firm’s capability to respond improves. Therefore, the APT attacks present different challenges than addressing common computer security breaches.
