And why should I care about Advanced Persistent Threats (APTs)?

Phishing campaigns typically have a single purpose: get the user to click a link contained
in an email message (the phish) or open an attachment. DON'T CLICK IT!

Advanced Persistent Threats are long-running intrusions, carried out with purpose-built malware, designed to lurk undetected within a computer network
over a long period of time, surreptitiously monitoring, gathering and exfiltrating information for the
purposes of stealing money, gaining control of other, more sensitive systems, or stealing identities.

According to Mandiant, on average, APTs go undetected for almost 8 months on a victim's computing systems.

Here's how APTs work.

  • The cyber threat actor (cyber criminal) gains access to the target computer via an email attachment, a link to a compromised website, a USB flash drive or an application vulnerability.
    Once inside, the system is compromised and advanced malware is installed.
  • Inside your computer or network, the malware searches for further vulnerabilities and typically begins communicating with cloud-based Command & Control (C2) servers to download additional malware and tools
    that help cover its tracks.
  • One sophisticated feature of advanced malware is its ability to set up additional access methods, so that if one hole is plugged there is another way into the network. This is what assures persistent access.
  • Now the cyber thugs gather data: user accounts and passwords, identities, banking information, proprietary intellectual property and so on.
  • Exfiltration of the stolen information begins by uploading it to a cloud server the criminal controls. Since the attacker retains remote access,
    they can return again and again to steal any new information, including customer and patient identities.
  • Removing their tracks by deleting evidence of the crime is the final step.
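The step that gives defenders their best chance is the second one: malware that checks in with a C2 server on a schedule leaves a timing pattern in proxy or firewall logs that human browsing does not. The script below is an added example, not code from the original post or from Mandiant; it parses a handful of constructed proxy log lines (timestamp, source host, destination, bytes sent, all made up for this example) and flags source/destination pairs whose connection intervals are unusually regular. The `min_hits` and `max_cv` thresholds, the log format and the hostnames are all assumptions chosen for illustration.

```python
"""Beacon detection over constructed proxy log lines (added example, not the post's own code)."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample log: "timestamp src_host dst_host bytes_out" per line.
# 10.0.0.5 talks to one host every hour almost to the second (a beacon),
# then pushes a large upload; 10.0.0.7 is irregular, human-like traffic.
SAMPLE_LOG = """\
2023-03-01T09:00:00 10.0.0.5 updates.example-cdn.net 512
2023-03-01T09:01:12 10.0.0.7 mail.corp.example 2048
2023-03-01T10:00:03 10.0.0.5 updates.example-cdn.net 498
2023-03-01T10:15:40 10.0.0.7 mail.corp.example 1800
2023-03-01T11:00:01 10.0.0.5 updates.example-cdn.net 530
2023-03-01T11:47:09 10.0.0.7 mail.corp.example 3200
2023-03-01T12:00:02 10.0.0.5 updates.example-cdn.net 501
2023-03-01T13:00:00 10.0.0.5 updates.example-cdn.net 2500000
2023-03-01T14:20:00 10.0.0.7 mail.corp.example 900
"""


def parse_log(text):
    """Parse 'timestamp src dst bytes_out' lines into tuples; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts = datetime.fromisoformat(parts[0])
        records.append((ts, parts[1], parts[2], int(parts[3])))
    return records


def find_beacons(records, min_hits=4, max_cv=0.1):
    """Return (src, dst) pairs whose connection timing is regular enough to look like a beacon.

    A pair is flagged when it has at least min_hits connections and the coefficient of
    variation (stdev / mean) of the gaps between consecutive connections is <= max_cv.
    The report includes total bytes sent so a later exfiltration burst stands out.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, nbytes in records:
        by_pair[(src, dst)].append((ts, nbytes))

    results = {}
    for pair, hits in by_pair.items():
        if len(hits) < min_hits:
            continue
        hits.sort()  # chronological order before computing gaps
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(hits, hits[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            results[pair] = {
                "count": len(hits),
                "mean_interval": avg,
                "cv": cv,
                "bytes_out": sum(n for _, n in hits),
            }
    return results


if __name__ == "__main__":
    for (src, dst), info in find_beacons(parse_log(SAMPLE_LOG)).items():
        print(f"{src} -> {dst}: {info['count']} hits every ~{info['mean_interval']:.0f}s "
              f"(cv={info['cv']:.4f}), {info['bytes_out']} bytes out")
```

Two caveats a practitioner would add: real implants usually add jitter to their check-in interval, so `max_cv` has to be tuned upward against your own traffic, and plenty of benign software (NTP, update checkers, monitoring agents) beacons just as regularly. The byte count in the report is there to separate the two: a regular heartbeat that suddenly sends megabytes outbound is the pattern worth a ticket.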

APTs

  • Advanced because they use more sophisticated malware coding techniques, features and functions.

  • Persistent because the breach typically remains undetected and operational for several months or more, continuously leaking data.

  • Threat because there is a constant cyber thug at the other end of the network, having their way with your private information.
