5 tips for defending against advanced persistent threats

APTs are increasing in occurrence and severity, as are the costs associated with protecting businesses adequately from. Is your organization prepared to do battle against an APT? You better be.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

The aptly named advanced persistent threat (APT) is a type of network attack in which an attacker selects a specific target, uses social engineering and advanced technologies to break into a network and then focuses on that target for weeks, months or years until the attack has successfully played out (or been thwarted). Once inside a network, the attacker's goal is to remain undetected while using some type of malware to capture confidential information, which is ultimately sent to a different location for analysis and then sold on the black market.

APTs are highly organized, sometimes with a complete staff, and have plenty of monetary and technological resources. Although APTs may use common hacker tools, they more often employ sophisticated, customized software that's less likely to be picked up by a security protection system. Types of APTs or delivery mechanisms include zero-day attacks, phishing, advanced malware and a variety of Web compromises.

This article looks at five ways to protect an organization's assets from APTs. All are important.

1. Implement defense in depth

To continue reading this article register now

Join the discussion
Be the first to comment on this article. Our Commenting Policies