The Most Famous Advanced Persistent Threats in History

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24
Next The Most Famous Advanced Persistent Threats in History-12 Next

In 2009, a new banking Trojan known as SpyEye emerged, retailing for $500 on Russian underground forums. Like Zeus, SpyEye is designed to steal customer credentials and initiate transactions when a victim logs onto his/her bank account. A variant of SpyEye discovered in 2012 was able to modify displays of bank statements and balances. Newer variants of Zeus and SpyEye, generally with increasing levels of sophistication, continue to emerge in response to improvements in security defenses. In May 2013, the alleged developer and controller of SpyEye, Hamza Bendelladj, an Algerian hacker, was extradited from Thailand to the U.S. and charged with numerous count of fraud.

One of the SpyEye command and control servers sited in Atlanta, Georgia (U.S.A.) allegedly contained information from 253 different financial institutions.

Many of today’s most destructive advanced persistent threats (APTs) were conceived a decade ago, so enterprises that rely on most traditional approaches to cybersecurity are unlikely to succeed against the next generation of attacks. This is one of the cautions in a new book published by global IT association ISACA in cybersecurity awareness month.

Advanced Persistent Threats: How to Manage the Risk to Your Business advises that traditional defenses such as firewalls and anti-malware are not up to the challenge of today’s APTs and that organizations need to add skills, processes and technology to their cybersecurity arsenal.

While new tools are needed to combat ever changing security threats, it is helpful to examine the history of the APT, because it is possible to derive many important lessons for defending against them in the future. The earliest use of the term “advanced persistent threat” emerged from the U.S. government sector in 2005, describing a new, deceptive form of attack that targeted selected employees and tricked them into downloading a file or accessing a website infected with Trojan horse software. This slideshow summarizes known facts, anecdotal evidence and reported claims behind some of the most well known attacks experienced over the last 15 years.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

biometrics Biometrics: Moving Far Beyond Fingerprints

Biometrics are changing the way we think about security. Here are some of the more innovative ways biometrics are being used and what we can expect in the future. ...  More >>

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.