Advanced Persistent Threats (APTs)

What does APT mean?

Advanced persistent threat (APT) is the description applied to the coordinated cyber activities of sophisticated criminals and state-level entities.

APTs target large organisations and foreign governments to steal information or compromise information systems.

An APT attack is not usually deployed to bring down a business but to stay embedded within its systems and extract information for a prolonged period of time.

What does APT stand for?

Advanced: APTs involve groups of attackers often working with governments and commercial entities. These groups can combine multiple targeting methods with various tools, technologies and techniques to reach, compromise, and maintain access to a target. Such groups usually have advanced technology skills, state protection, and a wide range of channels through which they can mount their attacks.

Persistent: APTs use a ‘low and slow’ approach rather than a barrage of constant attacks and malware updates. The long-term access to a target provided by an APT can be far more beneficial to the attacker, so remaining undetected is crucial to success.

Threat: APTs require skilled, motivated, organised and well-funded attackers. They are executed by coordinated humans rather than by mindless and automated pieces of code.

APTs are typically aimed at specific organisations that possess valuable intellectual property or customer information.

Since any organisation could be the object of a highly advanced, long-term, and large-scale targeted attack, you can better defend your organisation if you understand APTs.

Types of APTs

Even in the presence of adequately designed cyber security strategies, APTs usually breach organisations through a wide variety of vectors, such as:

  • Internet-based malware infection, for example: email links or attachments, phishing, and file sharing.
  • Physical malware infection, for example: infected USBs, CDs and DVDs.
  • Other means of external exploitation and intrusion, for example: hacking and rogue Wi-Fi penetration.

Effective cyber security

As part of its responsibility for minimising risk and maximising business opportunities and return on investment (ROI), an organisation’s leadership needs to prioritise cyber security.

Effective cyber security depends on coordinated and integrated preparations for rebuffing, responding to and recovering from possible attacks. There is no single standalone solution to cyber crime or APTs. By their very nature, APTs are designed to evade standard security controls.

Discover our range of solutions for effective cyber security below:

Penetration testing

Penetration testing involves the simulation of a malicious attack on an organisation’s information security arrangements, often using a combination of manual and automatic methods and tools.

Regular vulnerability scans and penetration testing should be fundamental to any organisation’s monthly and quarterly security reviews.

These tests ensure that you can identify and fix vulnerabilities and security holes as quickly as possible, and that your cyber controls are working as effectively as they need to.


Cyber health check

Health checks offer a snapshot of an organisation's cyber security posture and consist of on-site consultancy, audit, remote vulnerability assessments and staff surveys to identify current cyber risk exposure.

A Cyber Health Check will help you identify your weakest security areas and recommend appropriate measures to mitigate your risks. It includes vulnerability scans of critical infrastructure IPs, websites/URLs and an internal wireless scan.


Cyber security and ISO 27001

Cyber security standards are essential in building robust and resilient information and communications infrastructure. The best way to protect your organisation from cyber attacks is to align your information security management system (ISMS) with ISO 27001 – the international standard for information security.

ISO 27001 is the most significant international best-practice standard available to any organisation that wants an intelligently organised and structured framework for tackling its cyber risks.

Our ISO 27001 packaged solutions provide everything you need to implement ISO 27001 without any of the associated complexities and costs.


Cyber resilience

Cyber resilience combines cyber security and business resilience to ensure an organisation’s systems and processes are resilient to outside attacks or natural disasters. It is a crucial principle underpinning ISO 27001.

One aspect of business resilience is incident response, and ISO 27035 is the best-practice standard for information security incident management.

Business continuity for information and communications systems is even more fundamental to cyber survival. ISO 27031 now provides detailed and valuable guidance on how this critical aspect of business resilience should be tackled.

ISO 27031 can also work within a broader enterprise-wide business continuity management system, such as that specified in the business continuity management system standard, ISO 22301. It should form part of every organisation's planning for cyber resilience.
