OSHEAN eCurrent - Page 6

The Advanced Persistent Threat: THE ANATOMY OF AN ATTACK

Featuring commentary from Dr. Doug White of Roger Williams University

Not too long ago, it seemed that almost everybody knew how they should secure their IT infrastructure based on fairly well-defined market standards. However, today’s organizations need to be prepared for an increasing number of attacks on their networks and IT infrastructure, as technology assaults have been rising in both frequency and severity over the years. As a result, many organizations are changing their approach to network security. With new threats constantly emerging, organizations must be aware of what is happening on a daily basis. In this piece, we will examine the anatomy of an Advanced Persistent Threat attack as an example of one of the more ominous threats to your critical technology assets.

The Advanced Persistent Threat

An Advanced Persistent Threat (APT) is a continuous network attack targeting key users within an organization in which an unauthorized party gains access, and often remains undetected for a long period of time. Once a network has been infiltrated in an APT, DNS servers are used to contact remote command centers and download instructions.

The intent behind this type of attack is often to steal highly sensitive data such as trade secrets, financial information, intellectual property, state and military documents, source code, and any other valuable material rather than to cause damage to the network, and therefore represents a serious threat to an organization’s financial health and reputation — and even a nation’s security. Attackers use APTs because they can overcome traditional modes of protection; it is a type of attack that is designed to spread, transform and ultimately hide within the IT infrastructure. The defensive tools and procedures put in place to handle more common security threats are often ineffective because the agents of a targeted APT attack require a high degree of stealth over long periods of time and are focused on a specific target. As such, they are able to customize and adapt their tactics and techniques to evade standard security controls and incident response practices to avoid detection.

"...[APT] is a type of attack that is designed to spread, transform and ultimately hide within the IT infrastructure."

The primary targets of an APT attack are typically organizations with a large amount of sensitive information. Recent data suggests that APT attacks are expected to spread into many industries, including healthcare, education/universities, government, and IT, but in reality — every organization could be a potential target for APTs.

6 | CURRENT 2015-2016 Stronger Together | 7
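The article states that once a network is infiltrated, DNS servers are used to contact remote command centers and download instructions. As an added example (not part of the original article), the Python below flags that pattern in DNS query logs: one client polling a single domain at near-fixed intervals, mostly with TXT queries. The log format, thresholds, function names and domain names are assumptions constructed for illustration.

```python
import statistics
from collections import defaultdict

# Constructed sample log: "<epoch seconds> <client IP> <query type> <query name>".
# 10.0.0.7 polls one domain about every 300 s with TXT queries; 10.0.0.9 browses irregularly.
SAMPLE_LOG = """\
1000 10.0.0.7 TXT a1.updates.example-cdn.test
1020 10.0.0.9 A www.example.test
1301 10.0.0.7 TXT a2.updates.example-cdn.test
1330 10.0.0.9 A mail.example.test
1599 10.0.0.7 TXT a3.updates.example-cdn.test
1900 10.0.0.7 TXT a4.updates.example-cdn.test
2050 10.0.0.9 A www.example.test
2201 10.0.0.7 TXT a5.updates.example-cdn.test
2900 10.0.0.9 AAAA www.example.test
"""

def parent_domain(qname):
    # Simplification (assumption): last two labels. Real deployments should use the Public Suffix List.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def find_beacons(log_text, min_queries=5, max_jitter=0.1, min_txt_ratio=0.5):
    """Return (client, domain, mean_interval, txt_ratio) for regular, TXT-heavy query series."""
    series = defaultdict(list)  # (client, domain) -> [(timestamp, qtype)]
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue  # skip malformed lines instead of aborting the scan
        ts, client, qtype, qname = parts
        series[(client, parent_domain(qname))].append((int(ts), qtype.upper()))
    hits = []
    for (client, domain), events in sorted(series.items()):
        if len(events) < min_queries:
            continue  # too few observations to judge regularity
        events.sort()
        gaps = [b[0] - a[0] for a, b in zip(events, events[1:])]
        mean_gap = statistics.mean(gaps)
        if mean_gap == 0:
            continue
        # Coefficient of variation: near zero means machine-like, fixed-interval polling.
        jitter = statistics.pstdev(gaps) / mean_gap
        txt_ratio = sum(q == "TXT" for _, q in events) / len(events)
        if jitter <= max_jitter and txt_ratio >= min_txt_ratio:
            hits.append((client, domain, round(mean_gap), round(txt_ratio, 2)))
    return hits

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(hit)
```

A hit is a lead for investigation, not proof of compromise: software update checks and monitoring agents also poll on fixed schedules, so known-good domains should be allow-listed before alerting.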