APTs are both nightmares and the stuff of legend for business leaders and security managers across the globe. In this series, CSO will examine the processes and tools used by attackers during these types of campaigns, and various mitigating factors.
Advanced Persistent Threat, or APT, is one part marketing and one part generic description. APT-based incidents are hard, if not outright impossible, to prevent, making them the type of incident that often requires well-defined response and recovery plans, with the objective being harm reduction and loss mitigation. This is because of the unfortunate reality that once an APT-based incident has been discovered, it's often too late to do anything else.
In an interview with CSO for this series, Rik Ferguson, the VP Security Research at Trend Micro, added that said unfortunate reality certainly holds true when targeted attack campaigns are countered (or attempted to be countered) by traditional security architecture and management.
However, for security professionals who understand that dealing with targeted attack campaigns requires changes in their basic assumptions, as well as changes to their choices and deployments in technology, there's still a fighting chance.