Malicious Cyber Technology Review of Advanced Persistent Threats (APTs)

Table of Contents

Malicious Cyber Technology Review of Advanced Persistent Threats (APTs) 3

Introduction 3

A Review of APTs 3

Conclusion 4

References 5

Introduction

The evolvement of security threats in the world has increased the aggressiveness, success, diversity, and advancement of advanced persistent threats (APTs). However, irrespective of the evolvement in security technologies, security breaches continue to increase. Vukalović and Delija (2015) define APT as a multi-phase form of attack targeting the computer networks of a company. The attackers gain entry to the network through a ‘long game’ strategy, avoid detections and collects a large volume of protected data from the system. One of the challenges faced by APT is that it is naturally complex and varied with an origin from zero-day malware or phishing campaigns. 

A Review of APTs

The intended use of APT according to Tankard (2011) is the collection of sensitive data over a while to maximize the criminal dues. After attaining the entry, hackers use APT to gain communication with the main servers where they attain accessibility to malicious passwords. Advancement in APTs includes the ability to bypass signature-based detection systems. Such systems include the use of spam filters and anti-virus software which are not successful in APT.  Von Ogden (2016) explains that the characteristic of APT to employ zero-day exploits including malware never applied before may filter mind vulnerabilities.

Tankard (2011) explains that APT is tailored to the user’s vulnerability when semi-technical script kiddies borrow codes. The attackers not only attack an organization, but they customize based on the vulnerabilities of the organization. They identify several points of compromise to communicate with home servers. The home servers provide multiple points of entry which assists them to access the vulnerabilities in case one fails. 

The increasing use of APTs has led to the introduction of global policies to counter the issue. Von Ogden (2016) explains that although it is challenging to detect APT, their use is identifiable through the following symptoms: several backdoor Trojans, odd user activities, unusual data files, variation in database operations. Bann, Singh, and Samsudin (2015) explain that the Mandatory Access Control (MAC) strategy is the major employed policy to counter APT in Bring Your Device (BYOD) by the majority of organizations in the global environment. Another policy relates to the protection of data integrity through Clark Wilson’s security policy.

Conclusion

Malicious cyber technology through APTs has increased its global use. The significance of the technology as seen is that the attackers identifies several points of entry in a server where if one fails, the hackers can attack the vulnerabilities following other points of entry. This have led to the introduction of global policies which counterattacks symptoms like several backdoor Trojans, odd user activities, unusual data files, variation in database operations. APTs can be also managed through protection of data integrity by use of Clark Wilson’s security policy.

References

Bann, L., Singh, M., & Samsudin, A. (2015). Trusted Security Policies for Tackling Advanced Persistent Threat via Spear Phishing in BYOD Environment. Procedia Computer Science, 72, 129-136. doi: 10.1016/j.procs.2015.12.113

Tankard, C. (2011). Advanced persistent threats and how to monitor and deter them. Network security, 2011(8), 16-19.

von Ogden, J. (2016). 14 Telltale Characteristics of an Advanced Persistent Threat. CIMCOR. Retrieved from https://www.cimcor.com/blog/14-telltale-characteristics-of-an-advanced-persistent-threatVukalović, J., & Delija, D. (2015, May). Advanced persistent threats-detection and defense. In 2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 1324-1330). IEEE.