What Is IT?
The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.
About Us

Who are we?
We are. 'Nuff said.
Recent Blog
- The PCI Security Standards Council published its latest PCI guidance in the form of PCI DSS 2.0, but quickly followed up with the document Navigating the PCI DSS v2.0. The Navigating document is very important to those who have virtual systems, as it contains the basic guidance about virtualization, while PCI DSS 2.0 does not provide anything specifically geared towards virtualization. However, there is an adjunct document that does lay out PCI's thoughts on virtualization. This is stated within the Navigating the PCI DSS (v2.0) document.
Definitions
Advanced Persistent Threats (APTs) are a cybercrime category directed at
business and political targets. APTs require a high degree of stealth over a prolonged
duration of operation in order to be successful. The attack objectives typically extend
beyond immediate financial gain, and compromised systems continue to be of
service even after key systems have been breached and initial goals reached.
APTs can best be summarized by their named requirements:
Advanced: Criminal operators behind the threat utilize the full spectrum of
computer intrusion technologies and techniques. While individual components of
the attack may not be classed as particularly “advanced” (e.g. malware
components generated from commonly available DIY construction kits, or the use
of easily procured exploit materials), their operators can typically access and
develop more advanced tools as required. They combine multiple attack
methodologies and tools in order to reach and compromise their target.
Persistent: Criminal operators give priority to a specific task, rather than
opportunistically seeking immediate financial gain. This distinction implies that
the attackers are guided by external entities. The attack is conducted through
continuous monitoring and interaction in order to achieve the defined objectives.
It does not mean a barrage of constant attacks and malware updates. In fact, a
“low-and-slow” approach is usually more successful.
Threat: means that there is a level of coordinated human involvement in the
attack, rather than a mindless and automated piece of code. The criminal
operators have a specific objective and are skilled, motivated, organized and well
funded.
SRC: Damballa
Memorable Quote
"There are two types of companies in this country: those who know they've been hacked, and those who don't know they've been hacked." Mike Rogers (R-Mich.), chairman of the House Intelligence Committee


