Nowadays, we talk a lot about malware that invades our daily activities. Some strains are more dangerous than others, whether they target private users or companies. Organizations are also threatened by attacks on their intellectual property, which is a key element in how a business functions.
Advanced persistent threats (APTs) are among the most dangerous threats that exist in the computing world. Earlier, security researchers uncovered the first-ever Arabic-language advanced persistent threat group, called Desert Falcons.
Let's discuss the characteristics of these attacks and the way organizations and individuals can protect themselves against them. Advanced Persistent Threats — quite an intimidating name, isn’t it? “Advanced” because the tools used in these attacks are more sophisticated than those usually used by cybercriminals. “Persistent” because once a breach is created in an organization, it can last for months or even for years in certain cases. These attacks mainly target companies.
Nevertheless, home users are not safe either: you may not be an interesting target, but you might still be useful to cybercriminals, who could then target a friend or a family member who holds an important position in a company. The damage caused by these attacks is much greater than the damage caused by simple malware: “they use different vectors, different types of exploits, different types of vulnerabilities to access companies’ sensitive data”. However, you may be wondering, what do cybercriminals actually target with this type of attack?
The major target is intellectual property
Most companies store their important data within their networks. Patents, innovative designs, models and even sensitive or confidential data — everything is stored there. The main target of APT attacks is intellectual property. Criminals identify an employee who has access to sensitive data — and preferably, someone who is not aware of all these security issues — in order to infiltrate the network and collect all the data that is stored on his/her computer.
“If you have this kind of data within your company, you should be aware of these types of threats and put in place all the necessary means that exist nowadays to protect these intellectual properties,” experts warned. But criminals can go beyond espionage; they can cause serious damage and paralyze the entire functioning of the targeted company. Now that we’ve established this fact, you are probably wondering how and with what tools companies can protect themselves from these attacks.
No silver bullet, but some means to fight back
The first thing to know is that, as experts explained, there’s no “silver bullet” solution. Nevertheless, each of them gave us some advice in order to minimize the risks as much as possible. There’s no magic recipe, but some behaviours and processes should be implemented, according to Jaime Blasco: “You obviously need certain technologies to protect yourself from these threats, but for me, the solution is a combination of processes, technologies and human actions. Prevention and education are the most important factors.” Costin Raiu added that “studying the victims of APTs is also very useful. Doing so, we notice that 95% of these attacks target companies with security standards that are not strict enough.
They don’t know the risks or the practices in terms of security, they don’t install the latest patches nor do they use antivirus software. And they get compromised. First of all, companies need to make sure they have the latest patches, the latest operating system and that they use a safe browser with the latest patches installed. We also need to educate users. If you manage to gather all these ingredients, you will be better protected against targeted attacks.” As far as Neil Thacker is concerned, “it is also essential to educate certain employees.” This education must be given at all levels of the organization. Don’t underestimate cybercriminals: even if you know about the risks and have taken all the necessary precautions, they won’t hesitate to target some of your less cautious partners and use them to reach you.
To conclude, it is safe to say that targeted attacks, or APTs, will continue to exist and expand as long as companies hold attractive data. There’s no miracle solution, but prevention and education within companies seem to be the first step towards increased security, so you should always remain vigilant.