Reference no: EM132082059

You need to review this article with references.

An advanced persistent threat (APT) is a broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data (Incapsula, 2018).

To better understand how to defend against an APT the organization must know how an APT conducts their operations. FireEye lists six steps of an APT attack.

First the cyber criminal, or threat actor, gains entry through an email, network, file, or application vulnerability and inserts malware into an organization's network.

The network is considered compromised but not breached. Second, the advanced malware probes for additional network access and vulnerabilities or communicates with command-and-control (CnC) servers to receive additional instructions and/or malicious code. Next, the malware typically establishes additional points of compromise to ensure that the cyber attack can continue if one point is closed.

Next, once a threat actor determines that they have established reliable network access, they gather target data, such as account names and passwords.

Even though passwords are often encrypted, encryption can be cracked. Once that happens, the threat actor can identify and access data. Next, the malware collects data on a staging server, then exfiltrates the data off the network and under the full control of the threat actor.

At this point, the network is considered breached. Finally, evidence of the APT attack is removed, but the network remains compromised.

The cyber criminal can return at any time to continue the data breach (FireEye, 2018). It is important to understand that traditional cyber security methods, such as defense-in-depth, firewalls, and antivirus cannot protect an organization from an APT threat. Using a more adaptive defense method can be the key to an organization's ability to defend against APTs.

Some methods to improve an organization's ability to defend against APTs include: use big data for analysis/detection, share information with the right people, understand the "kill chain", look for indicators of compromise (IOCs), test your network, and support more training for APT hunters (Armerding, 2014).

The overall theme between these methods is the assumption that the network is already compromised so defense includes finding the threat within the perimeter. Additional recommendations include: focus on solutions that address the malware risk, pay more attention to targeted attacks, develop expertise to handle the risk posed by Java and Adobe Readers, make the business case for investing in technologies that address APTs, understand the financial consequences of APTs, adopt new approaches to fight APTs, and endpoint security is an important part of an APT security strategy (Ponemon, 2014).

Some estimates of the costs of APT attacks are approximately $10 million. This makes a strong case for the business to invest in new techniques and technologies to combat the APT threat. Since the beginning of time, Satan has been attempting to corrupt this world and us. He could be considered the ultimate APT.

Just like cyber attackers, Satan seeks out the weak points in us to gain a foothold to slowly erode our faith. One specific example of how Satan finds and corrupts the weak is his interactions with Peter. During the difficult time of Jesus' capture Peter denied Jesus three times, "But Peter said, "Man I do not know what you are talking about." And immediately, while he was still speaking, the rooster crowed." (Luke 22:60).

This shows that even the people with the closest relationship with God can fall victim to the persistent threat. Also, similar to how APTs target government agencies and large corporation due to the potential for sensitive or valuable information, Satan attacks big targets such as Jesus, "Then Jesus was led by the Spirit into the wilderness to be tempted by the devil." (Matthew 4:1)

Regardless of the situation it is good to know that there are defenses against APTs and Satan's threats.

Attachment:- References.rar