
APT - Advanced Persistent Threats


Microsoft: US government is an 'advanced persistent threat'. While Microsoft's recent move to encrypt user data made the most headlines, the reasoning underlying its new data protection strategies classifies the US government in the same category as a cyber-criminal group.

Microsoft: US government is an 'advanced persistent threat'

Brad Smith, Microsoft's EVP of Legal and Corporate Affairs, labeled the American government as an "advanced persistent threat" in a December 4 post on The Official Microsoft Blog. The term advanced persistent threat (APT) refers to an attacker, usually an organized group of malicious attackers, that should be considered harmful and dangerous — and an overall method of attack that plays a "long game." Microsoft's explosive post begins by stating, "Many of our customers have serious concerns about government surveillance of the Internet." Smith wrote in Protecting customer data from government snooping: (...) But security professionals worldwide may not be quite so surprised. Only Americans need to worry about search warrants and subpoenas — in that exact terminology, as written in Mr.

Advanced Persistent Threat Awareness Study Results. 2014 Advanced Persistent Threats Are Real Is your enterprise at risk?

Advanced Persistent Threat Awareness Study Results

Learn why of those who were surveyed: Advanced Persistent Threat. Combating Advanced Persistent Threats. Advanced Persistent Threat (APT): A Brief Definition. Advanced Persistent Threats What’s an Advanced Persistent Threat (APT)?

Advanced Persistent Threat (APT): A Brief Definition

Advanced Persistent Threats (APTs) are a cybercrime category directed at business and political targets. APTs require a high degree of stealthiness over a prolonged duration of operation in order to be successful. The attack objectives therefore typically extend beyond immediate financial gain, and compromised systems continue to be of service even after key systems have been breached and initial goals reached. Definitions of precisely what an APT is can vary widely, but can best be summarized by their named requirements: Advanced – Criminal operators behind the threat utilize the full spectrum of computer intrusion technologies and techniques.

Persistent – Criminal operators give priority to a specific task, rather than opportunistically seeking immediate financial gain. Internet-based malware infection; physical malware infection; external exploitation. How advanced persistent threats bypass your network security. Hundreds of companies around the world have been thoroughly compromised by APTs (advanced persistent threats) -- sophisticated forms of cyber attacks through which hackers mine for sensitive corporate data over the long term.

How advanced persistent threats bypass your network security

APTs aren't easily purged; rather, victimized companies often spend day after day trying to make a dent in them. Meanwhile, some security practitioners consider "APT" an overblown marketing term. It isn't. One of the struggles faced by companies (and security consultants) is determining whether a breach is, indeed, an APT. They will call every found singular bot and Trojan an APT and dream up long-term, radical threats from invisible attackers. By contrast, APT attackers are there to stay as long as they can. 5 signs you've been hit with an advanced persistent threat.

Hackers who employ APTs (advanced persistent threats) are a different breed.

5 signs you've been hit with an advanced persistent threat

A real and constant threat to the world's companies and networks, APT hackers tend to be well organized, working together as part of a professional team. Their goal, typically, is to steal valuable intellectual property, such as confidential project descriptions, contracts, and patent information. Generally, APT hackers employ familiar methods, using phishing emails or other tricks to fool users into downloading malware. But the ultimate objective tends to be very ambitious. 5 signs you've been hit with an advanced persistent threat. Advanced Persistent Threats: How They Work. Advanced persistent threat. APT usually refers to a group, such as a government, with both the capability and the intent to target, persistently and effectively, a specific entity.

Advanced persistent threat

The term is commonly used to refer to cyber threats, in particular that of Internet-enabled espionage using a variety of intelligence gathering techniques to access sensitive information,[2] but applies equally to other threats such as that of traditional espionage or attacks.[3] Other recognized attack vectors include infected media, supply chain compromise, and social engineering. The purpose of these attacks is to place custom malicious code on one or multiple computers for specific tasks and to remain undetected for the longest possible period.

History and targets

The Stuxnet computer worm, which targeted the computer hardware of Iran's nuclear program, is one example.

What is advanced persistent threat (APT)? - Definition from WhatIs.com. An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.

What is advanced persistent threat (APT)? - Definition from WhatIs.com

The intention of an APT attack is to steal data rather than to cause damage to the network or organization. APT attacks target organizations in sectors with high-value information, such as national defense, manufacturing and the financial industry. In a simple attack, the intruder tries to get in and out as quickly as possible in order to avoid detection by the network's intrusion detection system (IDS). In an APT attack, however, the goal is not to get in and out but to achieve ongoing access. To maintain access without discovery, the intruder must continuously rewrite code and employ sophisticated evasion techniques. An APT attacker often uses spear phishing, a type of social engineering, to gain access to the network through legitimate means.