What are Advanced Persistent Threats (and First Steps to Take)?

 

 
Businesses are vulnerable in more ways than we care to explain, so we'll focus on the technology aspect of vulnerability. Security is a huge concern for network administrators of larger companies and it’s an even larger risk for small business owners. Enterprise security is radically complex, challenging, and time-consuming, and a failure has the potential to throw a business into a vortex of lost sales or opportunities.

Guess what? No one escapes from the threat, not even Google. If your network hasn’t faced a security threat yet, that’s no guarantee that it won’t happen tomorrow. What are Advanced Persistent Threats (APTs)? How do they become a huge problem for enterprises? What works? How should a business arm itself?

Let’s see:

Verizon's 2012 Data Breach Investigations Report reveals that APTs are very much here to give system administrators and business owners sleepless nights. The research claims that a whopping 92% of all organizations and at least 50% of large organizations learn about security breaches when notified by someone else. Google, Adobe, Juniper Networks, and Rackspace are some of the large companies that have been affected by APTs.

The term APT (Advanced Persistent Threat) was first used by the United States Air Force in the year 2006. An APT is a sophisticated attack on specific targets, carried out over an extended period of time by highly capable attackers to access vulnerable databases and uncover other vulnerabilities.

The keywords here – the stuff that makes APTs dangerous – are “long-term” and “targeted”. Normal rules fly out of the window. CA Technologies published a whitepaper, which shows this neat little diagram of the stages of an APT:

[Diagram: Advanced Persistent Threats]

Go deep, on the Defense side

There are a few crucial ways to counter such an APT, and they come down to going deep on the defensive. One way of accomplishing this is to fortify your network and make any sort of initial penetration difficult for external parties. In the event that your network is compromised, there should be an escalation system to alert you swiftly. Limit your damages, detect compromised accounts early, and carry out a forensic investigation leading to rectification.
Going slow or compromising on defense is asking for trouble.

 

Mitigate Risks

An APT could lead to data theft and the sabotage of intellectual property, documents, and financial or other sensitive information. Customer data loss could also cause a business to lose face and to suffer legal consequences and a tremendous customer backlash. That’s why it’s crucial for an organization to have a holistic, wholesome view of its data use and data storage. Modern risk mitigation techniques allow businesses to restrict all internal accounts (administrators, perhaps) to limited, authorized access. They also allow for delegating specific duties to privileged users.

Securing your business against security risks and threats – be they normal security threats or Advanced Persistent Threats – is a primary responsibility you have to shoulder. Data intelligence and business intelligence, then, aren’t fancy corporate words; they are the need of the new economy with technology at its frontier.

How deep is your defense? How secure is your business? If you’d like us to help you with fortifying your business IT network, do let us know and we’ll be happy to help.
