Advanced Persistent Threats (APT)
Advanced Persistent Threat (APT) is the description applied to the coordinated cyber activities of sophisticated criminals and state-level entities. APTs target large corporations and foreign governments, with the objective of stealing information or compromising information systems.
An APT is not usually deployed to bring down a business, but to stay embedded within its systems and extract information at a slow and undetected pace.
On this page you will learn how APTs work and how to protect your organisation from them.
What does 'Advanced Persistent Threat' ('APT') mean?
Advanced: APTs involve groups of attackers working with governments and commercial entities. These groups are able to combine multiple targeting methods with a range of tools, technologies and techniques to reach, compromise, and maintain access to a target. Such groups usually have advanced technology skills, state protection, and a wide range of channels through which they can mount their attacks.
Persistent: APTs use a "low-and-slow" approach, rather than a barrage of constant attacks and malware updates. The long-term access to a target provided by APTs can be far more beneficial to the attacker, so remaining undetected is crucial to success.
Threat: APTs are skilled, motivated, organised and well-funded. They are executed by coordinated humans, rather than by mindless and automated pieces of code.
While APTs are usually targeted at specific government or private sector organisations, cyber attacks at a lower level are more widespread and are initially automated and indiscriminate; any organisation with an internet presence will be scanned and potentially targeted. Vulnerable targets with potentially interesting or valuable data can then be attacked further.
Effective Cyber Security
As part of their responsibility for minimising risk and maximising business opportunities and ROI, CEOs need to make cyber security an organisational priority.
No organisation or industry should delay devoting attention and funding to combat Advanced Persistent Threats. Indeed, they should plan and act as though they have already been breached. Effective cyber security depends on coordinated, integrated preparations for rebuffing, responding to, and recovering from a range of possible attacks. There is no single standalone solution for cybercrime or for APTs. By their very nature, APTs are designed to evade standard security controls.
Find out how IT Governance Penetration Testing Services can help you to keep your organisation secure today.
Cyber Security Standards
Cyber security standards are an important element in building a strong, resilient information and communications infrastructure. ISO27001 is the most significant international best practice standard available to any organisation that wants an intelligently organised and structured framework for tackling its cyber risks.
ISO27001, as a specification for an Information Security Management System, is clear and precise. It lists 133 key security controls that should always be at the heart of any organisation’s approach to securing its information assets.
The idea of cyber resilience (that an organisation's systems and processes should be resilient against outside attack or natural disaster) is a key principle underpinning ISO27001. Incident response is one aspect of business resilience, and ISO27035 is the best practice for incident response.
Business continuity for information and communications systems is even more fundamental to cyber survival. ISO27031 now provides detailed and valuable guidance on how this critical aspect of business resilience should be tackled. ISO27031 is also capable of working within a broader enterprise-wide business continuity management system such as that specified in the new business continuity management system standard ISO22301, and should form part of every organisation's planning for cyber resilience.
The Cyber Resilience Standards Kit is a good place to start. It contains all four Cyber Resilience standards:
ISO/IEC 27001:2005 – ISMS (Information Security Management System) Requirements
ISO/IEC 27002:2005 – Code of practice for information security management
ISO/IEC 27031:2011 – Guidelines for ICT Readiness for Business Continuity
ISO/IEC 27035:2011 – Information Security Incident Management
You could also buy these standards as part of the bestselling ISO27001 Cyber Security Toolkit, which you can use to implement ISO27001, create an effective ISMS and combat cyber threats.