dcsimg

The Most Famous Advanced Persistent Threats in History

  • The Most Famous Advanced Persistent Threats in History-

    Titan Rain was the code name given by the U.S. government to a series of cyber espionage attacks launched in 2003 on U.S. defense contractors, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal and NASA. The attacks were claimed to be of Chinese origin, although the Chinese government denied any involvement.

    What was new in the attacks that began to emerge at this time was the level of deception and the use of multiple attack vectors (channels of attack), which combined well-researched social engineering attacks on specific, targeted individuals with stealthy Trojan horse attacks using malware techniques that were calculated to bypass contemporary security countermeasures.

    The sensitive nature of the incidents and targets encouraged a blanket of government secrecy, which was understandable but, with hindsight, unfortunate because it helped the perpetrators to broaden their attacks to steal data from a wider spectrum of enterprises, encompassing all major sectors of industry including aerospace, defense, energy, financial services, manufacturing, pharmaceutical, technology and others.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

The Most Famous Advanced Persistent Threats in History

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24
  • The Most Famous Advanced Persistent Threats in History-4

    Titan Rain was the code name given by the U.S. government to a series of cyber espionage attacks launched in 2003 on U.S. defense contractors, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal and NASA. The attacks were claimed to be of Chinese origin, although the Chinese government denied any involvement.

    What was new in the attacks that began to emerge at this time was the level of deception and the use of multiple attack vectors (channels of attack), which combined well-researched social engineering attacks on specific, targeted individuals with stealthy Trojan horse attacks using malware techniques that were calculated to bypass contemporary security countermeasures.

    The sensitive nature of the incidents and targets encouraged a blanket of government secrecy, which was understandable but, with hindsight, unfortunate because it helped the perpetrators to broaden their attacks to steal data from a wider spectrum of enterprises, encompassing all major sectors of industry including aerospace, defense, energy, financial services, manufacturing, pharmaceutical, technology and others.

Many of today’s most destructive advanced persistent threats (APTs) were conceived a decade ago, so enterprises that rely on most traditional approaches to cybersecurity are unlikely to succeed against the next generation of attacks. This is one of the cautions in a new book published by global IT association ISACA in cybersecurity awareness month.

Advanced Persistent Threats: How to Manage the Risk to Your Business advises that traditional defenses such as firewalls and anti-malware are not up to the challenge of today’s APTs and that organizations need to add skills, processes and technology to their cybersecurity arsenal.

While new tools are needed to combat ever changing security threats, it is helpful to examine the history of the APT, because it is possible to derive many important lessons for defending against them in the future. The earliest use of the term “advanced persistent threat” emerged from the U.S. government sector in 2005, describing a new, deceptive form of attack that targeted selected employees and tricked them into downloading a file or accessing a website infected with Trojan horse software. This slideshow summarizes known facts, anecdotal evidence and reported claims behind some of the most well known attacks experienced over the last 15 years.