Countering APT attacks

Leaked emails from the hacking of HBGary, a top US security investigator, provide further insight into the techniques and targets associated with advanced persistent threat (APT) attacks (a euphemism for sophisticated espionage attacks).  

An article in Bloomberg, claims that some of Dupont’s computers were implanted with spyware during a business trip to China, where the PC’s were stored in a hotel safe. The response to this threat should be to install self-encrypting drives on laptops, which are more resistant to “‘evil maid’ attacks. Other types of attack, such as phishing attacks, require a comprehensive package of security measures, including executive education, specialist exercises/tests and continuous network monitoring.

The important point to grasp is that these measures are above and beyond the requirements of ISO 27001, so if you have trade secrets or highly profitable products, then you will need to raise your game above traditional ‘best industry practice’ levels to resist these attacks. These are persistent attacks, which are coming your way, and they won’t stop.   

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close