Tuesday, April 13, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

How Organizations Can Defend Against Advanced Persistent Threats

December 26, 2019
in Internet Privacy
How Organizations Can Defend Against Advanced Persistent Threats
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Advanced persistent threats (APTs) have emerged to be legitimate concerns for all organizations. APTs are threat actors that breach networks and infrastructures and stealthily lurk within them over extended spans of time.

They typically perform complex hacks that allow them to steal or destroy data and resources.

You might also like

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

What Does It Take To Be a Cybersecurity Researcher?

Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

According to Accenture, APTs have been organizing themselves into groups that enable them to share tactics and tools to carry out attacks at scale. Russian group Silence APT, for instance, has been reported to be actively targeting financial institutions and have successfully stolen millions of dollars from various banks worldwide.

Smaller organizations also need to be wary of such threats. APT groups also use automated tools and botnets to gain access to networks, and these tactics don’t discriminate based on size, industry, or value. Any vulnerable infrastructure can be breached. It is now critical for all organizations to understand how APTs operate and implement the necessary security measures to mitigate them as threats.

Signs that an APT may be lurking

APTs operate covertly, so organizations may not even realize that they have been breached until something really goes awry. InfoTrax Systems, for example, was only able to detect years-long breach after its servers’ storage was maxed out. IT teams have to look out for the indications that an APT might be lurking within the network.

A few distinct signs include:

Excessive logins — APTs typically rely on compromised access credentials to gain routine access to networks. They can either brute force attempts using login name and password credential dumps or legitimate credentials stolen from social engineering and phishing attacks. Excessive or suspicious login activities, especially in odd hours, are often attributable to APTs.

Explosion of malware — APTs also use various malware to perform their hacks. So, if antivirus tools often detect and remove malware, it is possible that an APT is continuously implanting trojans and remote access tools into the network.

Increased usage of computing resources — These threat actors will also have to use the network’s computing resources to perform their hacks. Active malware will use computing power and memory within endpoints. Hackers may also temporarily store their stolen data within servers. Exfiltrating large volumes of data would also show up as excessive outgoing traffic.

Heightened Monitoring

Spotting these signs isn’t straightforward, so IT teams must actively search for these signs. Fortunately, modern security solutions now provide capabilities that enable IT teams to monitor the potential APT presence and their activities.

Log Analysis — Logs can accurately show the various activities, events, and tasks that transpired in devices, systems, and applications. However, going through logs, which are often in unformatted plain text format, can be tedious. To help IT teams sort through the information, advanced log analysis tools now feature algorithms that can search for patterns across all IT infrastructure components.

Log management and analysis solution XpoLog, for instance, can consolidate all logs across various infrastructure components. Xpolog can automatically parse and tag the information contained in these log files. Using artificial intelligence (AI), Xpolog can then identify anomalous patterns and generate insights, including those that are indicative of security concerns.

cyber security log analysis

Information such as bandwidth use, login sessions, the geographic distribution of network traffic, can all be used to reveal the presence of threats. All the data can even be visualized for easier presentation and review.

Through these findings, the platform can readily alert IT teams of potential APT attacks so that immediate action can be taken.

Breach and Attack Simulations — Breach and attack simulation (BAS) platforms can run routine tests that mimic actual cyberattacks to check if security measures are working as intended. They serve as alternatives to traditional penetration testing, which are challenging to perform on a routine basis.

BAS platform Cymulate, for example, offers a wide variety of tests that cover the potential vectors of attack to an infrastructure. It can test web gateways and web application firewalls for vulnerabilities. It can also deploy dummy malware into endpoints to check if anti-malware or antiviruses can detect malicious files and processes. It also has phishing attack simulations that can identify which users are susceptible to social engineering attacks.

breach cyber attack simulation software

Cymulate allows for scheduled and routine tests to be run to see if an organization’s implemented security measures and tools work as intended. APTs turn off security solutions like antiviruses and firewalls, so routine tests would readily indicate if something is tampering with these solutions.

Defenses Must Be Improved

Monitoring and early detection are key to keeping a secure defensive perimeter. Organizations must integrate these efforts as part of a broader security strategy.

Increase vigilance — Actively analyzing logs and performing routine tests of security measures can inform IT teams of the potential presence of APTs, allowing them to deal with these threats immediately.

Adopt enterprise-grade security — Organizations must also use capable security solutions. The malware used by APTs can feature a polymorphic code that allows them to evade common free or cheap anti-malware solutions.

Keep systems and apps updated — APTs exploit vulnerabilities of devices and systems for many of their tactics. Developers regularly release patches and fixes to ensure that critical vulnerabilities are addressed.

Organizations must ensure that these updates are quickly applied when they become available.

Train people — APTs can also try to exploit human weaknesses through social engineering attacks. Organizations must train staff on the best security practices, including accurately identifying phishing emails and attempts, using strong passphrases, and avoiding password reuse.

Security is an Investment

Organizations must realize that security is a critical investment when operating in today’s environment. APTs can cause irreparable damage to companies. Falling victim to an attack can cause downtime, lost business, and the erosion of customer trust.

The average security breach estimated by IBM cost organizations $3.92 million. It is, therefore, critical for companies to adopt security measures that are capable of detecting and mitigating such threats before they can cause any significant damage. As such, organizations must now be ready to shift more resources to enhance their security.


Credit: The Hacker News By: noreply@blogger.com (The Hacker News)

Previous Post

Amazon Makes Machine Learning More Accessible To Developers

Next Post

Good for Workers, Bad for Companies?

Related Posts

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data
Internet Privacy

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

April 13, 2021
What Does It Take To Be a Cybersecurity Researcher?
Internet Privacy

What Does It Take To Be a Cybersecurity Researcher?

April 12, 2021
Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021
Internet Privacy

Windows, Ubuntu, Zoom, Safari, MS Exchange Hacked at Pwn2Own 2021

April 12, 2021
Hackers Tampered With APKPure Store to Distribute Malware Apps
Internet Privacy

Hackers Tampered With APKPure Store to Distribute Malware Apps

April 10, 2021
[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business
Internet Privacy

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business

April 10, 2021
Next Post
Good for Workers, Bad for Companies?

Good for Workers, Bad for Companies?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Bug bounties: More hackers are spotting vulnerabilities across web, mobile and IoT
Internet Security

Critical security alert: If you haven’t patched this old VPN vulnerability, assume your network is compromised

April 13, 2021
Epoch and Map of the Energy Transition through the Consensus Validator
Data Science

Epoch and Map of the Energy Transition through the Consensus Validator

April 13, 2021
Bitcoin mining in China could threaten climate policies, new study shows
Blockchain

Bitcoin mining in China could threaten climate policies, new study shows

April 13, 2021
Artificial Intelligence Research at Duke
Machine Learning

Artificial Intelligence Research at Duke

April 13, 2021
Learning Not To Fear Machine Learning | by Dimitry Belozersky | Apr, 2021
Neural Networks

Learning Not To Fear Machine Learning | by Dimitry Belozersky | Apr, 2021

April 13, 2021
Billions of smartphone owners will soon be authorising payments using facial recognition
Internet Security

Billions of smartphone owners will soon be authorising payments using facial recognition

April 13, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Critical security alert: If you haven’t patched this old VPN vulnerability, assume your network is compromised April 13, 2021
  • Epoch and Map of the Energy Transition through the Consensus Validator April 13, 2021
  • Bitcoin mining in China could threaten climate policies, new study shows April 13, 2021
  • Artificial Intelligence Research at Duke April 13, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates