Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
“Advanced Persistent Threat”
Getting Back to the Real Meaning of
The time has come for the
cybersecurity world to remember
the true meaning of APTs and
understand the level of danger they...
The basic definition of APTs isn’t specific enough.
Knowing the steps attackers take when launching
an attack and the diff...
Targeted Attack,APT or Both?
APT
TARGETED
ATTACK
BOTH?
APTs are often improperly
categorized because of their
seemingly vague definition.
At its most basic level, an APT is
a ca...
All APTs
Targeted Attacks
All APTs can be considered
targeted attacks.
Targeted Attacks
APTs
However, companies run into
p...
What are the Key Differentiators that Make
APTs Unique Attack Vectors?
Customized Tools and Techniques
Unlike widespread and generic
targeted attacks, APTs include
zero-day exploits, rootkits a...
APTs attempt to move slowly
and stay under the radar for a
long time until the mission is
finished.
Mainstream cyber attac...
High Expectations
APTs are often used to carry out
covert state actions,targeting
military,political or economic data.
The...
One Specific Goal
Organizations executing APTs go
into a project with an objective that
they relentlessly pursue. These
gr...
Understanding What an
APT Attack Looks Like
According to Mandiant*,while different attacker
groups may modify the APT roadmap,these are the 7
steps attackers go throu...
1 2 3 4 5 6 7
Initial Compromise
Attackers compromise an
individual connected to the target
network,often with a spear
phi...
1 2 3 4 5 6 7
Establish a Foothold
A backdoor is implemented to
ensure that the threat group is
able to access and control...
1 2 3 4 5 6 7
Escalate Privileges
User credentials are
compromised in succession to
gain authorized increasing
access to n...
Click below to get our guide about the differences
between honeypots and deception tech...
Coffee Break!
1 2 3 4 5 6 7
Internal Recon
The attackers collect
information about the network
and learn where the valuable
information ...
1 2 3 4 5 6 7
Move Laterally
With the newly acquired
credentials,attackers can move
through the network of
computers until...
1 2 3 4 5 6 7
Maintain Presence
in the Network
Whether it’s through
additional backdoors or valid
PKI and VPN credentials,...
1 2 3 4 5 6 7
Complete the Mission
When attackers make their way
to the valuable data,they
compress it and find a way to
r...
www.illusivenetworks.com
You've earned a donut to go with your coffee. Now you understand the
steps attackers take when la...
Upcoming SlideShare
Loading in …5
×

Getting Back to the Real Meaning of “Advanced Persistent Threat”

1,882 views

Published on

It’s time for the cybersecurity world to remember the true meaning of APTs and understand the level of danger they pose to companies. Let’s ditch the marketing lingo and review what APT really means.

Published in: Technology
  • Be the first to comment

Getting Back to the Real Meaning of “Advanced Persistent Threat”

  1. 1. “Advanced Persistent Threat” Getting Back to the Real Meaning of
  2. 2. The time has come for the cybersecurity world to remember the true meaning of APTs and understand the level of danger they pose to companies today.
  3. 3. The basic definition of APTs isn’t specific enough. Knowing the steps attackers take when launching an attack and the difference between APTs and targeted attacks is enough to set the story straight. VSAPTs TARGETED ATTACKS
  4. 4. Targeted Attack,APT or Both? APT TARGETED ATTACK BOTH?
  5. 5. APTs are often improperly categorized because of their seemingly vague definition. At its most basic level, an APT is a category of threats where cyber attackers thoroughly and aggressively pursue and compromise a target.
  6. 6. All APTs Targeted Attacks All APTs can be considered targeted attacks. Targeted Attacks APTs However, companies run into problems in thinking that all targeted attacks are APTs— it’s simply not true.
  7. 7. What are the Key Differentiators that Make APTs Unique Attack Vectors?
  8. 8. Customized Tools and Techniques Unlike widespread and generic targeted attacks, APTs include zero-day exploits, rootkits and other tools that are designed for a specific attack.
  9. 9. APTs attempt to move slowly and stay under the radar for a long time until the mission is finished. Mainstream cyber attackers often go for “the quick score." They get in and out as quickly as possible to obtain some valuable data. The Long Con
  10. 10. High Expectations APTs are often used to carry out covert state actions,targeting military,political or economic data. They aren’t perpetrated by a singular attacker; rather,groups using APTs can be well staffed and funded,and operate with high levels of intelligence.
  11. 11. One Specific Goal Organizations executing APTs go into a project with an objective that they relentlessly pursue. These groups know exactly what their goals are - and won’t stop until they’ve been attained.
  12. 12. Understanding What an APT Attack Looks Like
  13. 13. According to Mandiant*,while different attacker groups may modify the APT roadmap,these are the 7 steps attackers go through for an APT attack. *Data Source: Mandiantm - The Advanced Persistent Threat
  14. 14. 1 2 3 4 5 6 7 Initial Compromise Attackers compromise an individual connected to the target network,often with a spear phishing attack,to begin the malware delivery for an APT attack.
  15. 15. 1 2 3 4 5 6 7 Establish a Foothold A backdoor is implemented to ensure that the threat group is able to access and control at least one computer in the target network.
  16. 16. 1 2 3 4 5 6 7 Escalate Privileges User credentials are compromised in succession to gain authorized increasing access to network resources.
  17. 17. Click below to get our guide about the differences between honeypots and deception tech... Coffee Break!
  18. 18. 1 2 3 4 5 6 7 Internal Recon The attackers collect information about the network and learn where the valuable information is stored.
  19. 19. 1 2 3 4 5 6 7 Move Laterally With the newly acquired credentials,attackers can move through the network of computers until they reach their end goal.
  20. 20. 1 2 3 4 5 6 7 Maintain Presence in the Network Whether it’s through additional backdoors or valid PKI and VPN credentials, attackers make sure they have continuous access to the victim network.
  21. 21. 1 2 3 4 5 6 7 Complete the Mission When attackers make their way to the valuable data,they compress it and find a way to remove it from the network undetected.
  22. 22. www.illusivenetworks.com You've earned a donut to go with your coffee. Now you understand the steps attackers take when launching an attack and the difference between APTs and targeted attacks. Success! Learn More About Attacker ViewTM Technology Click Here

×