The Most Famous Advanced Persistent Threats in History

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24

The Most Famous Advanced Persistent Threats in History-16

The Stuxnet computer worm, discovered in June 2010, was the first piece of malware found in the public domain that is designed to spy on and subvert industrial process systems. Stuxnet was claimed to have been created by the U.S. and Israel in order to attack Iran’s nuclear facilities. The malware was reported to have caused substantial damage to the centrifuges at the Natanz nuclear enrichment laboratory in Iran.

The worm specifically targeted Siemens industrial software and equipment, making itself inert if the target software was not found and containing safeguards to limit the spread of the infection. It was the first piece of malware to include a programmable logic controller (PLC) rootkit. It was also programmed to erase itself on a specific date in June 2012. The design of the worm suggests that it was intended to achieve a specific objective against a particular target rather than to support a general intelligence-gathering operation.

Many of today’s most destructive advanced persistent threats (APTs) were conceived a decade ago, so enterprises that rely on most traditional approaches to cybersecurity are unlikely to succeed against the next generation of attacks. This is one of the cautions in a new book published by global IT association ISACA in cybersecurity awareness month.

Advanced Persistent Threats: How to Manage the Risk to Your Business advises that traditional defenses such as firewalls and anti-malware are not up to the challenge of today’s APTs and that organizations need to add skills, processes and technology to their cybersecurity arsenal.

While new tools are needed to combat ever changing security threats, it is helpful to examine the history of the APT, because it is possible to derive many important lessons for defending against them in the future. The earliest use of the term “advanced persistent threat” emerged from the U.S. government sector in 2005, describing a new, deceptive form of attack that targeted selected employees and tricked them into downloading a file or accessing a website infected with Trojan horse software. This slideshow summarizes known facts, anecdotal evidence and reported claims behind some of the most well known attacks experienced over the last 15 years.

More Slideshows

PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ... More >>

How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ... More >>

The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ... More >>

Subscribe Daily Edge Newsletters

Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.