What does APT mean?
Advanced persistent threat (APT) is the description applied to the coordinated cyber activities of sophisticated criminals and state-level entities.
APTs target large organisations and foreign governments, with the objective of stealing information or compromising information systems.
An APT is not usually deployed to bring down a business, but to stay embedded within its systems and extract information at a slow and undetected pace.
What does APT stand for?
Advanced: APTs involve groups of attackers often working with governments and commercial entities. These groups are able to combine multiple targeting methods with a range of tools, technologies and techniques to reach, compromise, and maintain access to a target. Such groups usually have advanced technology skills, state protection, and a wide range of channels through which they can mount their attacks.
Persistent: APTs use a ‘low and slow’ approach, rather than a barrage of constant attacks and malware updates. The long-term access to a target provided by an APTs can be far more beneficial to the attacker, so remaining undetected is crucial to success.
Threat: APTs require attackers who are skilled, motivated, organised and well-funded. They are executed by coordinated humans, rather than by mindless and automated pieces of code.
Although nearly any large organisation possessing intellectual property or valuable customer information is susceptible to targeted attacks, APTs are aimed at a much smaller range of targets – usually specific organisations.
Since any organisation could be the object of a highly advanced, long-term, and large-scale targeted attack, you can better defend your organisation if you have a better understanding of APTs.
Types of APTs
APTs usually breach organisations through a wide variety of vectors (a path or means by which a hacker can gain access), even in the presence of properly designed cyber security strategies, such as:
- Internet-based malware infection, for example: email links or attachments, phishing, file sharing.
- Physical malware infection, for example: infected USBs, CDs and DVDs
- Other means of external exploitation and intrusion, for example: hacking, rouge Wi-Fi penetration
Effective cyber security
As part of its responsibility for minimising risk and maximising business opportunities and return on investment (ROI), an organisation’s leadership needs to make cyber security a top priority.
Effective cyber security depends on coordinated and integrated preparations for rebuffing, responding to and recovering from a range of possible attacks. There is no single standalone solution to cyber crime or APTs. By their very nature APTs are designed to evade standard security controls.
Discover our range of solutions for effective cyber security below.
Penetration testing involves the simulation of a malicious attack on an organisation’s information security arrangements, often using a combination of manual and automatic methods and tools.
Regular vulnerability scans and penetration testing should be a fundamental part of any organisation’s monthly and quarterly security reviews. These tests ensure that you can identify and fix vulnerabilities and security holes as quickly as possible, and that your cyber controls are working as effectively as they need to.
Find out more about our penetration testing services >>
Cyber health check
Health checks offer a snapshot of an organisation's cyber security posture, and consist of a blend of on-site consultancy, audit, remote vulnerability assessments and staff surveys to identify current cyber risk exposure.
Regular vulnerability scans and penetration testing should be a fundamental part of any organisation's monthly and quarterly security reviews. A Cyber Health Check will help you identify your weakest security areas and recommend appropriate measures to mitigate your risks. It includes vulnerability scans of critical infrastructure IPs and websites/URLs, as well as an internal wireless scan.
Find out more about our cyber health check service >>
Cyber security and ISO 27001
Cyber security standards are an important element in building strong, resilient information and communications infrastructure. The best way to protect your organisation from cyber attacks is to align your information security management system (ISMS) with ISO 27001 – the international standard for information security.
ISO 27001 is the most significant international best-practice standard available to any organisation that wants an intelligently organised and structured framework for tackling its cyber risks.
Our ISO 27001 packaged solutions provide everything you need to implement ISO 27001 without any of the usual associated complexities and costs.
Find out more about our ISO 27001 packaged solutions >>
Cyber resilience, which combines cyber security and business resilience to make sure an organisation’s systems and processes are resilient to outside attack or natural disaster, is a key principle underpinning ISO 27001. Incident response is one aspect of business resilience, and ISO 27035 is the best-practice standard for information security incident management.
Business continuity for information and communications systems is even more fundamental to cyber survival. ISO 27031 now provides detailed and valuable guidance on how this critical aspect of business resilience should be tackled.
ISO 27031 is also capable of working within a broader enterprise-wide business continuity management system, such as that specified in the business continuity management system standard, ISO 22301, and should form part of every organisation's planning for cyber resilience.
Find out more about cyber resilience >>