Advanced Persistent Threats: Defending The Enterprise Against Lurking APTs

With major companies taking heavy losses as a result of public humiliation from a hacking event, it makes sense that organizations would focus on security. In fact, research from IBM Security and the Ponemon Institute found that the average data breach cost companies $3.62 million.

Clearly, there is both a financial and public image facet to robust security. However, advanced persistent threats continue to plague organizations. These specific cyberattacks can seriously mess with a company’s bottom line, so let’s take a look at what APTs are and how you can defend against them.

How Do APTs Work?

At its most basic, TechTarget’s Margaret Rouse defines an APT as an attack where a cybercriminal accesses a network without permission and monitors activity for an extended period of time. The goal of the hacker here isn’t to disrupt operations, but rather to steal data for personal profit. This is why TechTarget states that only organizations with “high-value information” are targeted.

Although these attacks are highly varied, they generally start with the hacker doing research on the targeted company. Once the hacker has identified an employee with security credentials, he finds a way to gain access to the company’s network. This could take the form of a phishing email or even an infected website that distributes malware to the target. Finally, after diagramming the organization’s network and discovering valuable information, the cybercriminal takes what he needs and walks away.

While the theft of data is certainly scary itself, the truly terrifying aspect of APTs is that companies often aren’t even aware that one is occurring. Unlike in Hollywood, real-world attacks don’t involve a skull and crossbones flashing across the screens of the target’s computers. They’re quiet, and a company’s security department might miss one for a long time. In fact, a different study from the Ponemon Institute found that organizations generally take about six months to discover a breach.

Therefore, the best option is to avoid one to begin with.

Defense Starts With Employee Training

APT attacks can start in a variety of ways, but one of the easiest for hackers is something called social engineering. This is where the cybercriminal exploits an employee’s pity and desire to help by lying about a certain situation. A favorite of social engineers is pretending to be a new employee who’s locked out of his or her computer. A decent sob story like this can easily trick even the most cautious of employees if done correctly.

In fact, there’s hard evidence that proves the frightening success rate of these kinds of attacks. Security firm Social-Engineer found that 90 percent of people will give up their names and email addresses without confirming who’s asking for them. Additionally, 67 percent will tell the caller personal information like their Social Security numbers and birth date.

Clearly, your employees are an enormous attack vector that you need to address before moving on to more technical aspects of defense. First and foremost, employees must be taught that giving information over the phone to anyone without definitively confirming their identity leaves the company open to a breach. Helping people out of a tight spot is simply human nature, but your workers must learn to forgo this instinct in the interest of solid security.

Additionally, it’s important for you to discuss email phishing. Much like the phone call example, this social engineering attack sends messages to employees in the hopes that someone will give up login credentials or click a link to malware. Again, you’ll need to stress the importance of avoiding these issues in a company-wide meeting.

Endpoint Security Is Huge

Ensuring that your employees are working to keep company information safe is certainly a necessity these days, but it’s not the only way to avoid APTs. To do this more effectively, you’ll need to help ensure endpoint security for your firm.

Although this is a complex topic, an endpoint is just any entry point onto a network created by each device your company uses. The issue with this, of course, is that managing every single endpoint on an entire network can be an exhaustive process for an administrator. Officials need a means of consolidating endpoint security into a central console that allows them to protect assets across a wide variety of devices.

On top of this, a simple solution that can seriously affect your company’s defenses is changing default passwords on purchased equipment. One of the first actions a hacker will take when attempting to break a system is to brute force a list of known default credentials. It may seem silly, but this simple mistake is one of the easiest ways for a cybercriminal to gain access to your organization’s data.

You’ll Need Help

The Faronics Deep Freeze Cloud platform offers powerful endpoint maintenance, management and security tools to bolster your organization’s defenses against targeted attacks, while improving business continuity. You can automate and set maintenance schedules for endpoints across your network. When dealing with advanced persistent threats (APTs), timely patching is of the utmost importance, and because it is one of the most tedious IT maintenance tasks, it works much better with smart automation. On top of centralized management of endpoints, Faronics offers the ability to visualize usage behaviour patterns. What’s more, with ‘Reboot to Restore’ capabilities, IT admins can help bolster the organization’s disaster recovery (DR) plans. In the event of any catastrophe, this technology allows you to bring a workstation back to a predetermined baseline. This can help shake off unwanted effects of an APT intrusion, thereby saving your organization money and time.

In conclusion, a multi-layered security approach combined with maintenance automation can help you defend against APTs while also detecting and resolving them before it’s too late.

Contact Faronics today to learn more about how Deep Freeze Cloud platform can help with your organization’s disaster recovery planning.

About The Author

Suzannah Hastings

Suzannah is interested in all things digital, from software security to the latest technological advances. She writes about the ways in which the increasingly internet-driven landscape and Windows technologies like steady state alternative change our lives, and what we can expect in the future.
