
                Rise in APT Attacks Calls for New Defenses Against Advanced Malware

                By: Naresh Venkat

                "The supreme art of war is to subdue the enemy without fighting." - Sun Tzu, The Art of War

                Have you considered the possibility of someone outside your organization using your server and network resources to steal data, or perform other illegal acts, without your knowledge? And what if the attack was so targeted, it was after a specific piece of information? The recent attacks on The New York Times and The Wall Street Journal serve as a reminder that such Advanced Persistent Threats (or APTs), as they are referred to, are prevalent and real. How has APT changed the threat landscape?

                To start with, APT is different from the public's traditional understanding of what "hacking" is. Instead of lone actors attacking network resources for the sake of vandalism or common information theft, APT is organized, efficient, persistent, and targeted. APT is backed by organizations, and quite often by nation states, and the information being targeted is often identified in advance of the attack. Once the desired information and targets have been identified, extensive research and planning go into the attack, which is often even rehearsed in advance. Once the attackers breach the target's defenses, they gain a foothold and strengthen it by installing highly customized malicious software intended to steal important data.

                Unlike traditional malware, APT malware is designed to operate quietly, and because it is created to attack a specific target, it nearly always goes unrecognized by existing signature-based network defenses, such as anti-virus software or Intrusion Prevention Systems (IPS). Because threat vectors are also combined, such as spear-phishing emails and drive-by malware downloads, detection of APT malware has become even more difficult for existing network perimeter defenses. And once attackers have gained the initial foothold, it becomes even easier for them to attack resources from the inside, reach the data identified as the target of the APT attack, steal it, and return it to the attackers.

                Consider these staggering statistics:

                • Over 95% of companies are compromised with malware that has not been seen by anti-virus or IPS signatures*
                • 200+ unique families of custom malware used in cyber-espionage campaigns †
                • 1,100+ domain names have been registered by advanced threat actors †

                Organizations are frequently faced with two fundamental challenges in addressing APTs: insufficient visibility and ineffective countermeasures. Combating APT requires a comprehensive strategy that is focused on four key defensive capabilities as shown below:


                To overcome these significant challenges, Dell SecureWorks offers a wide range of services to counter APT. In collaboration with technology partner FireEye, Dell SecureWorks has recently introduced a new managed security service to detect and block the advanced malware delivered via email and web content. The Managed Advanced Malware Protection service can proactively identify the malicious software used by APT attacks to gain a foothold, and block APT attacks before they gain the foothold on the network required to install more malicious software and steal your data. Visit the Managed FireEye services page as well as Advanced Persistent Threat pages for more information on solutions from Dell SecureWorks.

                * Intel's threat data reports
                † APT elements tracked by SecureWorks Counter Threat Unit up to July 2012
