Enabling remote logging capabilities is crucial, Arries said. Often, those who break into a server tend to wipe out activity logs and any other evidence of their presence from the server, he said. One way to get around this is to make sure that all logs are created and stored at a central location.
"If you have not yet identified systems within your enterprise that have been compromised through these advanced attacks, you probably are very lucky -- or you aren't looking closely enough," Yoran added.
Expect these kinds of attacks to continue. As George Kurtz, CTO of McAfee, explained after the Google attacks were made public: "These attacks have demonstrated that companies of all sectors are very lucrative targets. [APTs are] the equivalent of the modern drone on the battlefield. With pinpoint accuracy, they deliver their deadly payload, and once discovered -- it is too late."
Jaikumar Vijayan covers data security and privacy issues, financial services security, and e-voting for Computerworld.