Countering APT attacks

Leaked emails from the hacking of HBGary, a top US security investigator, provide further insight into the techniques and targets associated with advanced persistent threat (APT) attacks (a euphemism for sophisticated espionage attacks).  

An article in Bloomberg claims that some of Dupont’s computers were implanted with spyware during a business trip to China, where the PCs were stored in a hotel safe. The response to this threat should be to install self-encrypting drives on laptops, which are more resistant to ‘evil maid’ attacks. Other types of attack, such as phishing attacks, require a comprehensive package of security measures, including executive education, specialist exercises/tests and continuous network monitoring.

The important point to grasp is that these measures are above and beyond the requirements of ISO 27001, so if you have trade secrets or highly profitable products, then you will need to raise your game above traditional ‘best industry practice’ levels to resist these attacks. These are persistent attacks, which are coming your way, and they won’t stop.