It’s a normal work day and you receive a routine email from one of your colleagues; you respond as expected and continue to work with not a clue as to what just happened. An uninvited guest has managed to use social engineering which relies solely on human interaction to start collecting valuable data from your computer. If successful, the data collection could happen over a long period of time. Advanced Persistent Threat (APT) is a high level threat that works by a series of phases that a hacker uses to gain access into its targeted organization. The threat will be slow, consistent and thorough all to avoid detection and gain your organization’s sensitive information.
Initially, Government facilities and large defense contractors were the main targets of these threats. Now, targets have grown to a bigger pool of victims including other critical infrastructure companies, small supportive companies, partners and even those that may have a relationship with a larger organization. Hackers and cyber criminals use techniques that are sometimes advanced but more importantly cannot be detected by traditional cyber security technology or processes. Just having the ability to use your network and systems as a launching point to attack another larger target is reason enough to be a victim. No-one is immune to the possible attack of Advanced Persistent Threat.
The most pertinent technique used by APT hackers is social engineering. Social engineering can be a suspicious email with malicious attachments made to infect your system. Another popular social engineering technique is clicks within suspicious emails to rogue websites that are infected with malware. The bottom line about social engineering is that it does not always have to be technical, which is why traditional cyber security technology or processes cannot detect it. It is the idea of breaking into a computer network by human interaction, giving the illusion that it is normal and gaining trust in a user to reveal valuable information. To take a deeper look into APT techniques, another concern is spear phishing, which is more targeted and uses an existing relationship through email to infect the victim’s system. In most cases, the email will come from someone you have already built a relationship with so that trust is established and you are more likely to open the attachment. What’s important to watch out for are what seems to be “normal” traffic and activity happening amongst those that may be attacked.