Attack sophistication largely depends on the security of the selected target. If an attack on critical infrastructure or corporate data theft can be accomplished via traditional phishing and common exploit kits, adversaries will not use advanced techniques. The term, “advanced persistent threat” is also misused or confused with Hacktivists attempting to change industry or government behavior via organized cyber activity — typically denial-of-service campaigns or the posting of compromised sensitive data designed to publicly embarrass an organization or cripple operations.
“The tools, procedures and other controls used to defend commodity security threats are often ineffective against targeted APTs,” said Hensley. “When actors are focused on a specific target, they customize and adapt their tactics, techniques and procedures to predict and circumvent security controls and standard incident responses.”
According to Hensley, an organization can be plagued by a single APT exploitation for months or years — even after it is aware of the effort. The incident response drags on as threat actors continually respond to defensive measures and look for new security weaknesses. “Advanced persistent actors have clear objectives with centralized planning and often decentralized execution,” said Hensley. “These adversaries are highly resourced, methodical, adaptive, resilient, advanced enough and clearly patient.”
In the past year, we have witnessed cyber attacks of unprecedented sophistication and reach. These attacks demonstrate that malicious actors have the ability to compromise and control millions of computers that belong to governments, private enterprises and ordinary citizens. If we are going to prevent motivated adversaries from attacking our systems, stealing our data and harming our critical infrastructure, the broader community of security researchers — including academia, the private sector and government — must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.
Top Eight Features in Windows Server 8 Windows Server 8 is a technically sophisticated operating system that is crammed with features that bring many previously enterprise-only capabilities to small and mid-sized businesses.