This week Alan Shimel and I discuss the meaty security topic of APTs (Advanced Persistent Threats). Also joining us is Michael Sutton, VP of security research at Zscaler.
APTs are a class of network security attacks that target intended organizations for a very specific type of gain; financial, intellectual property, geopolitical, etc. They are advanced in the sense they intelligently attack specific targets, rather than “rattling doors” looking for whatever vulnerabilities might be exploited, using more sophisticated attack methods.
APT attacks can stretch over long periods of time, usually many months, rather than hammering a site or system over a few minutes or hours. We used to call these types of security attacks “slow rolling” or “under the radar” attacks. APTs can also use watering hole techniques, compromising an external site or online service a company uses or compromising a business partner of the intended target. Bottom line is APTs aren’t mindless bots or random network attacks.
Also check out Alan’s post on NetworkWorld about the APT podcast.
There’s a lot more to say on the topic so listen in. I hope you enjoy the podcast.