Tabula Rosa Systems Blog Of 9/5/2015 - Advanced Persistent Threat

Advanced Persistent Threat An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity. APT usually targets organizations and/or nations for business or political motives. Wikipedia Well funded APT adversaries do not necessarily need to breach perimeter security controls from an external perspective. They can, and often do, leverage “insider threat” and “trusted connection” vectors to access and compromise targeted systems. Abuse and compromise of “trusted connections” is a key ingredient for many APTs. While the targeted organization may employ sophisticated technologies in order to prevent infection and compromise of their digital systems, criminal operators often tunnel in to an organization using the hijacked credentials of employees or business partners, or via less-secured remote offices. As such, almost any organization or remote site may fall victim to an APT and be utilized as a soft entry or information harvesting point. A key requirement for APTs (as opposed to an “every day” botnet) is to remain invisible for as long as possible. As such, the criminal operators of APT technologies tend to focus on “low and slow” attacks – stealthily moving from one compromised host to the next, without generating regular or predictable network traffic – to hunt for their specific data or system objectives. Tremendous effort is invested to ensure that malicious actions cannot be observed by legitimate operators of the systems. Malware is a key ingredient in successful APT operations. Modern “off-the-shelf” and commercial malware includes all of the features and functionality necessary to infect digital systems, hide from host-based detection systems, navigate networks, capture and extricate key data, provide video surveillance, along with silent and covert channels for remote control. If needed, APT operators can and will use custom developed malware tools to achieve specific objectives and harvest information from non-standard systems. ----------------------------------------------------------------------------------------------------------------- At the very heart of every APT lies remote control functionality. Criminal operators rely upon this capability in order to navigate to specific hosts within target organizations, exploit and manipulate local systems, and gain continuous access to critical information. If an APT cannot connect with its criminal operators, then it cannot transmit any intelligence it may have captured. In effect, it has been neutered. This characteristic makes APTs appear as a sub-category of botnets. While APT malware can remain stealthy at the host level, the network activity associated with remote control is more easily identified. As such, APT’s are most effectively identified, contained and disrupted at the network level. Special Bulletin - My just released book, "You're Hired. Super Charge Your Email Skills in 60 Minutes! (And Get That Job...) is now on sales at Amazon.com  Landing your next job has as much to do with getting your email opened and read as it does with your qualifications.  Job searches don’t work the way they used to. Employers use email to weed out job candidates as they search for the perfect match.  Crafting effective, professional messages could make all the difference in securing your next position. It’s all about the email.  If your email is not opened and read, you can’t get to the next phase of getting your dream job!  Read this book and in just 60 minutes you’ll know how to write better email. Learn to compose emails effectively and soon you’ll hear those magic words:  “You’re Hired!” “Being able to provide candidates with tips for using email more effectively in their job search, is something our MRINetwork recruiters truly value. This edition of Netiquette IQ provides a self-evaluative approach to improving email communication at every level… It offers recruiters a reference guide for ensuring candidates present themselves in the best manner when communicating with clients. The power of these best practices is measurable, especially when top clients land Impact Players.” Scott Bass, Director of Marketing and Communications, MRINetwork® EXPERTS IN GLOBAL SEARCH Paul Babicki is the founder and president of Tabula Rosa Systems (www.tabularosa.net), a company that sells network, security, email filtering as well as email grammar, tone and content software. Paul’s first book is “Netiquette IQ A Comprehensive Guide to Improve, Enhance and Add Power to Your Email.” Check out his popular blog at (http://NetiquetteIQ.blogspot.com) =========================================   Great Netiquette To All! =========================================================== For a great email parody, view the following link: https://www.youtube.com/watch?v=HTgYHHKs0Zw&__scoop_post=bcaa0440-2548-11e5-c1bd-90b11c3d2b20&__scoop_topic=2455618 ==============================================  **Important note** - contact our company for very powerful solutions for IP management (IPv4 and IPv6, security, firewall and APT solutions: www.tabularosa.net =============================================== In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". . You can view my profile, reviews of the book and content excerpts at:  www.amazon.com/author/paulbabicki  If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio  Additionally, I provide content for an online newsletter via paper.li. I have also established Netiquette discussion groups with Linkedin and Yahoo.  I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. Further, I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and have been a contributor to numerous blogs and publications.  Lastly, I am the founder and president of Tabula Rosa Systems, a company that provides “best of breed” products for network, security and system management and services. Tabula Rosa has a new blog and Twitter site which offers great IT product information for virtually anyone. ==============================================