What is Active Threat Protection? Stopping Advanced Persistent Threats

According to TechTarget’s SearchSecurity, “an advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.” As with most sophisticated cybersecurity attacks, the goal of the intruder is to capture valuable information and steal data. APT intrusions are often focused on high-value information and sectors such as the financial industry.

The cybersecurity landscape is constantly changing and today the cyber threat actors range from organized crime to state sponsors.

How do hackers gain access?

When it comes to advanced persistent threats, the cyber criminals often use targeted social engineering tactics including spear phishing. In a spear phishing incident, criminals target specific companies or individuals and conduct background research to compile employee names, titles and contact information. Social networks are common resources crawled for this information. Obtaining such details and observing communications provides criminals with the tools to mirror email addresses, website URLs and dialect. The end result is the criminal’s identity masqueraded as a legitimate, trustworthy source.

How can you defend against Advanced Persistent Threats?

Real-time intrusion detection and prevention systems that include 24x7 monitoring by security experts are a key defense in finding and stopping network intruders. Training employees to not fall for social engineering tricks must also occur.

Related Articles

• How to Respond to Increasingly Targeted Phishing Attacks

• Guide: 20 Steps to Create a Cybersecurity Framework