Advanced Persistent Threats, as the name suggests, are advanced, persistent and deadly in their nature. The ghost of APTs can affect any organization at any moment of time. Security specialists have to face the ordeal of cracking the never-ending maze of APTs.
Security professionals need to employ a wide range of techniques and tools in their arsenal, both automated and manual in nature, including threat modelling, attack vectors, and the most difficult of all tasks: identifying the attacker. Various components include monitoring of logs, analysing the anomalous behaviours within the network traffic and keeping the staff well aware and trained to face any emergency.
APTs are hard to identify and usually come as a zero-day attack. Identifying that you are under an attack itself is hard to do, but once you’ve identified it, you start the real work of combating it and safeguarding your assets. The red signs of APT attacks are network exploration (also called pivoting) and data exfiltration.
Of late, APTs have challenged the best of security brains in combating them. This article identifies the processes and tools which can be used by Emergency Response Teams of organizations to strengthen their defence against APTs.
Read full article here : InfosecInstitute