Archive for APT


Integrated Attack Strategy

Integrated attack strategies involve combining hacking computer systems with attack vectors such as: espionage, blackmail, medical/health attacks, asymmetric “guerrilla-style” attacks, weapons of mass destruction, and conventional kinetic military attacks. The video below shows an example using a medical vector, and an unprotected printer, to compromise patient and identity records that can be used in future […]

APT versus OODA Security Controls

Advanced Persistent Threat (APT) is a kind of attack that comes from a team with advanced skills, deep resources, and specific targets. They use advanced tools and techniques that are capable of circumventing defenses. They use stealth and demonstrate good situational awareness in evaluating the state of the defenders they face. They respond quickly and with […]

NSA APT? – “THE EQUATION GROUP”

Kaspersky Lab uncovers online spy tools with potential NSA connections – [youtube.com] Equation Group: The Crown Creator of Cyber-Espionage – [kaspersky.com] For several years, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been closely monitoring more than 60 advanced threat actors responsible for cyber-attacks worldwide. The team has seen nearly everything, with attacks becoming […]

Defending Against APT

Advanced Persistent Threat (APT) is a cyber attack threat that typically comes from a team of attackers with advanced penetration skills, deep resources, and specific target profiles, and they tend to be very persistent in their efforts. They often have tools that are capable of circumventing defenses. They use stealthy tactics and show good situational awareness […]

Clouds Will Become APT Targets

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. (NIST SP 800-145) Advanced Persistent Threat: APT or Advanced Persistent Threat describes cyber […]

Cyber-Attack Psychology

We already know that cyber attackers have a methodology. They usually perform variations on the following theme: Reconnaissance; Penetration; Entrench; Pivot; Disrupt; Counter Defense is mixed in throughout. But it’s also useful to consider their psychology because it is often different from the thinking used by defenders. When this is true, defenders trying to study […]

Deciphering Stuxnet

How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History – [wired.com] “the world’s first real cyberweapon” It was January 2010, and investigators with the International Atomic Energy Agency had just completed an inspection at the uranium enrichment plant outside Natanz in central Iran, when they realized that something was off within the cascade […]

Agile Defense with NIST Controls

Agile Defense: In the past, information systems security often focused simply on perimeter defense, wrongly assuming that a strong perimeter was the only defense needed. Then, as regulations became more complex and more legal, infosec became more “compliance-centric”, trying to pass the security audits required by law. Compliance-oriented security produces reams of paperwork and […]

Stuxnet Advanced Attack

Stuxnet appears to be one of the most sophisticated cyber attacks ever detected. The size and scope of the effort required to launch the attack leads analysts to suspect it came from a national security cyber team with tremendous resources. And the target may have been the SCADA control systems inside the Bushehr nuclear plant […]

Kneber-Zeus

A trojan horse backdoor called “Zeus” is being used by a botnet named “Kneber” by researchers. This botnet has been operational for over a year and has compromised many organizations and collected a vast amount of data that was intended to be confidential. Hackers Mount New Strike – [wsj.com] Hackers in Europe and China successfully […]