Features of APTs

The constituents of the term APT form part of the characteristics of APTs. The word advanced implies that the rival is acquainted with the invasion tools and techniques and the development of customized threats. Besides, persistence denotes that the enemy is determined to accept commands and attack a definite target, while threat infers that the opponent is inspired, sustained, and organized. The features of APTs are centered on the attacker, target, purpose, and lifecycle of the attack (Alshamrani et al., 2019, p. 1852). The attackers are coordinated illegal groups or government actors, targeting diplomatic institutions, industries, and other sectors, with the purpose of acquiring confidential information or destroying the targeted victim. The life cycle of the malicious attack endeavors to retain consistent invasion using multiple methods. In conclusion, the features of APTs are aligned with the aims and objectives of the attackers.

APT Attack Process

Diverse approaches are utilized to portray an APT, as attacks are explicitly customized per victim and every APT campaign is performed differently. However, the initial step is the creation of a point for gaining network access (Alshamrani et al., p. 1854). To sustain access, the tailored malware creates a communication path that permits multiple injections of the malevolent code by the attackers. The added worm passes stealthily through the system, identifying the other susceptible hosts vulnerable to infection on the pathway. Additionally, the malware replicates itself to remain dominant within the system structure. Notably, other outward-bound system links can be established by the APT botnet, thus allowing the attackers to obtain extensive data. Therefore, the process of the APT attack can be said to comprise initial surveillance, preliminary compromise, foothold establishment, access rights escalation, internal reconnoitering, lateral propagation, existence sustenance, and mission accomplishment.
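The stage list above can also be used for detection: alerts that look minor on their own become significant when one host moves forward through several stages. The following is an added example, not part of the source cited here; the alert names, hosts, and the three-stage threshold are assumptions, and no time window is applied because a persistent campaign may spread its steps over weeks.

```python
from collections import defaultdict

# The eight stages named in the paragraph above, in lifecycle order.
STAGES = [
    "initial surveillance", "preliminary compromise", "foothold establishment",
    "access rights escalation", "internal reconnoitering", "lateral propagation",
    "existence sustenance", "mission accomplishment",
]

# Assumption: hypothetical alert names mapped to an index into STAGES.
ALERT_STAGE = {
    "external_port_scan": 0, "malicious_attachment_opened": 1,
    "new_outbound_beacon": 2, "privilege_escalation": 3,
    "internal_host_sweep": 4, "remote_service_logon": 5,
    "new_autorun_entry": 6, "large_outbound_transfer": 7,
}

# Constructed sample alerts: (epoch seconds, host, alert name).
SAMPLE_ALERTS = [
    (1000, "ws-17", "malicious_attachment_opened"),
    (2000, "kiosk-3", "internal_host_sweep"),
    (3000, "kiosk-3", "malicious_attachment_opened"),
    (5000, "ws-17", "new_outbound_beacon"),
    (6000, "ws-17", "av_signature_update"),      # unmapped alert, ignored
    (90000, "ws-17", "privilege_escalation"),
    (95000, "ws-17", "external_port_scan"),      # out-of-order noise
    (400000, "ws-17", "internal_host_sweep"),
    (450000, "db-02", "remote_service_logon"),
    (460000, "db-02", "new_autorun_entry"),
    (900000, "ws-17", "large_outbound_transfer"),
]

def longest_progression(alerts):
    """Per host, the longest time-ordered chain of alerts whose stages strictly advance."""
    by_host = defaultdict(list)
    for _ts, host, kind in sorted(alerts):       # sort by timestamp first
        if kind in ALERT_STAGE:
            by_host[host].append(ALERT_STAGE[kind])
    chains = {}
    for host, stages in by_host.items():
        best = []                                # best[i]: longest chain ending at alert i
        for i, s in enumerate(stages):
            prev = max((best[j] for j in range(i) if stages[j] < s), key=len, default=[])
            best.append(prev + [s])
        chains[host] = [STAGES[s] for s in max(best, key=len)]
    return chains

def flag_hosts(alerts, min_stages=3):
    """Hosts whose alerts advance through at least min_stages lifecycle stages."""
    return {h: c for h, c in longest_progression(alerts).items() if len(c) >= min_stages}
```

On the constructed sample only ws-17 is flagged; kiosk-3 shows two alerts in reverse lifecycle order and db-02 shows only two stages.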

Techniques and Methods of APT Attack Execution

Execution of APT attacks employs diverse methodologies and techniques depending on the targeted subject. First, social engineering applies when the manipulation of the systems is perpetuated by the people with access rights divulged to them to undertake a persuasive and controlled attack. Second, the spear-phishing technique focuses on collecting user identifications, financial data, and other private credentials for specified targeted organizations. The third is the watering hole technique, in which the attacker mines victims’ data based on their peculiar interests (Alshamrani et al., p. 1856). Last but not least, drive-by-download involves the accidental download and execution of malicious software on visiting a malicious website without the user’s knowledge.

Conclusion

In conclusion, advanced persistent threats are complex attacks that are tailored for a specific target. It has been delineated that the actors who deploy diverse methods to undertake the assaults are categorized into private and government attackers. Therefore, firms are encouraged to employ appropriate machine learning applications and approaches as a part of their cybersecurity measures for the early detection and curbing of APTs.

Reference List

Alshamrani, A. et al. (2019) ‘A survey on advanced persistent threats: techniques, solutions, challenges, and research opportunities.’ IEEE Communications Surveys & Tutorials, 21(2), pp. 1851-1877.
