Advanced Persistent Threats: From FUD to Fact
If you are like me, you’ve seen and heard plenty about Advanced Persistent Threats (APTs) this year. It’s the new hot-button term. So popular that everyone has their own definition.
FUD continues to cloud the discussion we should be having. So we are starting a series of posts to separate fact from fiction and to really nail what you should be concerned about. We will:
- Define what APTs are (and aren’t)
- Examine attacks from a research/technical perspective
- Discuss who should care and what you should do about it
- Talk about why most of today's security technologies aren't stopping these attacks
- Explain the malware technology adoption lifecycle (the dynamic missing from most discussions)
Websense Security Labs has been at the forefront of examining APTs in the wild and has charted the emergence of these exploits. We’ll explain why high-profile attacks seem to work so effortlessly. And we’ll discuss the ongoing evolution of APTs: from government/nationalistic targets to organized criminal gangs and soon individual hackers.
Let’s skip the APT hype and FUD. Let’s use real-world examples to talk about what matters most to you.
In the meantime, I have my own question: how many of you have been approached by senior management with any questions about big data breaches, like, “Hey, I saw the news about (insert company) losing company data. What are we doing to avoid that?” What did you say?