How to Combat and Recover From APTs

By Karen A. Frenkel | Posted 02-16-2016
How to Combat and Recover From APTs

    Rather than target a mass audience, Advanced Persistent Threats (APTs) zero in on specific individuals who, if compromised, can be used to advance the goal of the attack.
Defend the Pre-Perimeter

    Leverage the cloud and use mail filtering and antispam solutions to remove potentially infected emails or attachments before they reach your network. Use Domain Name System (DNS) security products that maintain a real-time database of spoofed and compromised services.
Defend the Perimeter

    Conduct penetration testing regularly. Install intrusion detection and intrusion prevention systems over and above standard firewalls. Regularly audit firewall and Security Information and Event Management (SIEM) logs for anomalies.
Defend the Soft Interior

    Train and educate users about security protocols, implement BYOD and VPN policies, and have C-level executives back those policies. Visibly enforce the policies and make sure users are trained for the latest threats.
Harden the Soft Interior

    Deploy and maintain antivirus, firewall, whitelisting and sandboxing/containerization technologies. Keep software up to date through patching.
Encrypt Everything Sensitive

    Encrypt your data at multiple checkpoints. Encrypted data is useless to a cyber-attacker who cannot also obtain the keys, so protect the keys separately from the data they protect.
Backup, Backup, Backup and Then Restore

    Back up using three methods: file backup to off-site storage for organizational recovery; file backup to local storage for immediate volume recovery; and file backup to local storage for immediate file recovery. Fully test backups by restoring critical data and verifying the data's integrity.
Ensure the Principle of Least Privilege Throughout

    Domain administrators should not use domain administrator credentials for basic break-fix work; local administrator rights are all that is needed. Rather than running as the system account, custom software should have its own dedicated account with only the privileges it requires.
Perform Regular Access Audits

    Frequently audit all access control lists. Have you ensured that all ex-employee and contractor accounts and logins have been disabled or deleted?
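The least-privilege and access-audit tips above can be turned into a repeatable check. The following script is an added example, not code from the article or from Comodo; it runs over a constructed, clearly fictional directory export and a few constructed logon records, and flags terminated-but-enabled accounts, stale enabled accounts, and domain administrator accounts logging on interactively to workstations (the "break-fix with domain admin credentials" pattern).

```python
from datetime import date

# Constructed sample directory export (fictional accounts, not real data).
ACCOUNTS = [
    {"name": "jdoe", "enabled": True, "last_logon": date(2016, 2, 10),
     "groups": {"Domain Users"}, "status": "active"},
    {"name": "contractor01", "enabled": True, "last_logon": date(2015, 9, 1),
     "groups": {"Domain Users"}, "status": "terminated"},
    {"name": "asmith", "enabled": True, "last_logon": date(2016, 2, 14),
     "groups": {"Domain Users", "Domain Admins"}, "status": "active"},
    {"name": "oldadmin", "enabled": False, "last_logon": date(2014, 1, 3),
     "groups": {"Domain Admins"}, "status": "terminated"},
]

# Constructed interactive-logon records: (account, host, host role).
LOGONS = [
    ("asmith", "WS-0412", "workstation"),        # domain admin fixing a desktop
    ("asmith", "DC01", "domain_controller"),     # expected place for a domain admin
    ("jdoe", "WS-0199", "workstation"),
]

STALE_DAYS = 90  # assumed threshold; tune to the organisation's policy


def audit(accounts, logons, today, stale_days=STALE_DAYS):
    """Return a sorted list of (account, finding) tuples for review."""
    findings = set()
    admins = {a["name"] for a in accounts if "Domain Admins" in a["groups"]}
    for a in accounts:
        # Offboarding gap: HR says terminated, directory says enabled.
        if a["status"] == "terminated" and a["enabled"]:
            findings.add((a["name"], "terminated-but-enabled"))
        # Stale account: still enabled but unused for longer than the threshold.
        if a["enabled"] and (today - a["last_logon"]).days > stale_days:
            findings.add((a["name"], "stale-no-logon"))
    # Least-privilege gap: domain admin credentials used on ordinary workstations.
    for acct, host, role in logons:
        if acct in admins and role == "workstation":
            findings.add((acct, f"domain-admin-logon-on-{host}"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit(ACCOUNTS, LOGONS, date(2016, 2, 16)):
        print(f"{name:14} {finding}")
```

Disabled accounts are deliberately skipped by the stale check so the report only lists accounts that still need action.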
Enforce Your Last Line of Defense

    There is a critical shortage of skilled and experienced IT security professionals. Train system administrators in IT security so that when they stumble upon an anomaly, they instantly recognize and react to it.

In 1983, Fred Cohen, then a computer science student at the University of Southern California, demonstrated that no algorithm could perfectly detect all possible viruses and their variants. He published his findings in 1987 in ACM's journal, Computers and Security, in an article titled "Computer Viruses: Theory and Experiments." His work was the precursor to Advanced Persistent Threats (APTs). Rather than target a mass audience, APTs zero in on specific individuals who, if compromised, can be used to advance the goal of the attack. Hackers use someone's alma mater or a past job, for example, to build the email around. The main objective is to gain access to low-priority areas that companies have failed to protect adequately. By being patient, hackers gradually work their way into higher-value segments of the network where important data resides. Cyber-security solutions company Comodo offers 10 tips for system administrators and IT directors to use a multilayered approach to combat and recover from APTs.

Karen A. Frenkel writes about technology and innovation and lives in New York City.