The processes and tools behind a true APT campaign



CSO Online examines each step of an APT campaign in this multi-part series

APTs are both nightmares and the stuff of legend for business leaders and security managers across the globe. In this series, CSO will examine the processes and tools used by attackers during these types of campaigns, and various mitigating factors.

[Spear phishing paves road for advanced persistent threats]

Advanced Persistent Threat, or APT, is one part marketing and one part generic description. APT-based incidents are hard, if not outright impossible, to prevent, making them the type of incident that often requires well-defined response and recovery plans, with the objective being harm reduction and loss mitigation. This is because of the unfortunate reality that once an APT-based incident has been discovered, it's often too late to do anything else.

In an interview with CSO for this series, Rik Ferguson, the VP Security Research at Trend Micro, added that this unfortunate reality certainly holds true when targeted attack campaigns are countered (or when attempts are made to counter them) with traditional security architecture and management.

However, for security professionals who understand that dealing with targeted attack campaigns requires changes in their basic assumptions, as well as changes to their technology choices and deployments, there's still a fighting chance.
