While enterprises may be accustomed to hearing about threats, security vulnerabilities, and the dangers cyber-criminals pose to the safety of their information, there lurks another minefield on the security landscape: Advanced Persistent Threats (APTs).
Jonas Thulin, a security consultant for network security provider Fortinet, explains that APTs differ from run-of-the-mill intrusions in that they involve highly skilled hackers who target a particular organisation and, instead of just deploying a virus or Trojan, keep trying multiple attack vectors until they succeed in stealing data. There’s no doubt that APTs are bad news for enterprises, but Thulin offered reassurance that these pervasive and persistent attacks can be mitigated.
Countermeasures
One such approach employed by Fortinet is sandboxing, which addresses the fact that many threats evade security measures by hiding inside the code itself. “Before we use code that has been downloaded, we run it and ensure that it doesn’t behave maliciously,” he explained. Beyond sandboxing, another way to counteract APTs is through reputational filtering. In this methodology, spammers typically are identified by their IP address and blocked. The same approach can be applied to botnets. “This enables us to track commands and build up a botnet database, so that although we might not know what the vulnerability is, we can identify who is likely to exploit it,” he added.
Admittedly, how much of an organisation’s budget is dedicated to tackling security threats like APTs will vary from one business to the next. One thing, however, is for sure: top management, CIOs and risk boards around the globe must urgently assess their exposure to APTs and start taking preventive measures.