Skip to content

Disco, Tiny Dogs in Purses, and Advanced Persistent Threats: Which One Isn’t a Fad?

April 25, 2011

The first, and (to date) only known cyber attack using the Stuxnet worm almost a year ago didn’t just change the information security landscape; it entered a new acronym into the security professionals lexicon: APT, or Advanced Persistent Threat.  I was reading an article by @DanRaywood on the SC Magazine UK website that asked whether APTs are something will be a permanent threat to large, distributed enterprise networks, or whether the attack on Iran’s nuclear infrastructures is a one-off.

The answer is, as the piece suggests, dependent on how you define the “advanced” and “persistent” parts of the equation.  Hopefully, our previous blog posts have demonstrated that we’re not in the business of scaremongering or spreading FUD but — for what it’s worth – here is our take on APTs:

We believe that cyber attacks are going to continue to become increasingly complex and advanced.  Stuxnet is one prime example of how a basic worm was engineered to attack a specific target — with no less than four embedded zero-day attacks – and to defy detection (with stolen, legitimate digital certificates).  The best way for enterprise security analysts to determine whether or not an attack poses this kind of a threat is by using continuous monitoring that encompasses all security data — not just the traditional event-based information that SIEMs monitor.  Data has become one of the most valuable commodities on the planet and, while vendors like eIQnetworks develop advanced technologies to help enterprise and government agencies to secure it, there will be individuals, “special interest groups” and, in some cases, nation states who will continue to explore ways to overcome them.

We’re sad to say that Advanced Persistent Threats will be part of the security community’s vocabulary for many years to come.

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: