Friday, July 26, 2019

Advanced Persistent Threats (APT)


Ashley Oliver
Oliver COM Solutions, d/b/a
2019 CISSP Candidate


Patience is a virtue. When applied with skill, vigor, and talent, it can be a gateway to massive movement. This linear disposition can be applied in positive and negative ways. One of my favorite Netflix shows, ‘Love, Death & Robots’, depicts this ideal in one of its episodes, where a woman and a man are at war with their minds. Ultimately, the woman wins. She displays patience and strength throughout the battle; she almost loses, but in the end she wins. At the highest level, the skilled attackers who are capable of the most damage apply this same level of resilience: Advanced Persistent Threats (APTs).

Much larger than Anonymous, APTs concentrate on the exploitation of one or more explicit targets. This group of attackers is unlikely to be focused on hacking into your Facebook account, but rather the President’s Twitter, plus his cabinet, plus his family, etc. Certified Ethical Hackers, pen testers, et al. have to sign an oath because it is our responsibility to learn and think like hackers in order to best protect. Unfortunately, however, there are negative entities in the world that use their skill and talent for malicious gain.

Threat Modeling

In my opinion, Threat Modeling is the act of identifying the specific goals of an attacker. Data breach? Stealing information? Taking down a system or website? Each of these is the result of a separate goal, and Threat Modeling helps us identify the goals of the attacker. Threat Modeling is priority-based and categorized according to the asset in question.

Asset Valuation – Focused on Assets

This approach is based on the actual value of the asset. Once the value is determined, the data being hosted needs to have its access controls evaluated. Any threats that attempt to bypass authentication/authorization mechanisms are the focus in this approach.

Identify Attackers – Focused on Attackers

This is the simple act of identifying the attacker and pinpointing the threats they embody.

Software – Focused on Software

Software developers. Most organizations today develop their own software. The more sophisticated that software is, the more likely it is that potential threats against it exist.

