Redefining APT

Updated: November 29, 2010

APT has three components that highlight why these threats are different from your average worm, botnet, Trojan.

Adversaries. The authors of these attacks are no longer some pimply faced teenager in Canada (another quote from Mr. Pescatore). The attacks come from your adversary. It could be a competitor, a political opponent, an intelligence service, or a nation state. When you are dealing with an individual or group that has has decided to go after you or your organization the game is played by much different rules. You are not battling the constant flood of random attacks, your are faced with targeted attacks that can go well beyond IT security. Your adversaries treat networks, vulnerabilities, and sophisticated malware as just one set of tools that happen to be easier and cheaper to use than bribery, infiltration, extortion, and blackmail.

Pernicious. These attacks are personal. Friends of friends on Facebook, may be enlisted. New domains are registered and new websites crafted just to infect your computer or your CEO's laptop. Zero day vulnerabilities are pulled out of storage, malware is customized. The attack will take whatever form is needed to get into your networks and steal...

Targets. Your adversary knows what it wants. Your data, source code, customer records, employee records, oil and gas reserve database, F-35 designs, Intellectual Property, financials. You may not know what the target is until it is too late.

Related Categories
Featured Research
  • Securing Enterprise Information Technology

    In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more

  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more

  • Top 8 Identity and Access Management Challenges with Your SaaS Applications

    With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more

  • Better BYOD with Pulse Secure and MDM Partners

    Learn how Pulse Secure and leading MDM product partners are transforming the way employees and IT benefit from the productivity and flexibility of BYOD — without compromising security or increasing management complexity. more