Articles

APT – Advanced Persistent Threat

By August 4, 2022 No Comments
APT - Advanced Persistent Threat

São Paulo/SP – August 04, 2022. APT is the abbreviation for “Advanced Persistent Threat”. The results of this type of attack can be potentially destructive consequences such as database deletion and leakage of trade secrets and sensitive data.

*By Roberto Santana

What are APTs?

APT is short for “Advanced Persistent Threat”.

APT's rely on sophisticated attack techniques and can remain in the system for a long time. The results of this type of attack can be potentially destructive consequences such as database deletion and leakage of trade secrets and sensitive data.

Stages of an APT

Infiltration: Usually happens through web assets, network resources, or authorized human users. It may occur via malicious uploads (RFI, SQL injection) or social engineering.

Expansion: Criminals begin to expand their presence within the network: moving up through the organizational hierarchy and gaining access to more sensitive data such as business information, employee data and financial records.

The ultimate objective of attacks can be of different types, such as selling information to competitors or sabotaging the company's business. If the goal is sabotage, by controlling multiple user roles, hackers can break into entire databases, make changes that can go unnoticed if security processes aren't extremely stringent.

Extraction: The information obtained is stored in a secure location within the network that is under attack. Once enough data is obtained, criminals need to extract it undetected.

How to protect yourself?

Some treatments are recommended in order to protect the entire corporate system from advanced attacks, some recommendations are:

Training: Promote training between the IT team and the rest of the team, leaving all employees aligned with the defense strategies on the web will make the process simpler and smoother. Thus avoiding unwanted surprises.

Security Policies: An information security policy, which aims to enable security management in an organization, establishing rules and standards for information protection.

Protection Technologies: The implementation of defense mechanisms that can detect and respond to security incidents, such as WAF (Web Application Firewall), Endpoint Protection, Log Consolidation, among others.

always count on Safeway to implement these controls, we have SOC and incident detection services that can help control and mitigate this type of risk.

— Roberto Santana is Senior Cyber Security Consultant – RED TEAM at [SAFEWAY]

How can we help?

THE SAFEWAY is an Information Security consulting company recognized by its clients for offering high value-added solutions through projects that fully meet the needs of the business. In 14 years of experience, we have accumulated several successful projects that have earned us credibility and prominence with our clients, who largely make up the 100 largest companies in Brazil.

today through 25 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best solutions in technology, processes and people. We have both the technical skills and the experience necessary to assist your company in the process of structuring controls and preparing the environment for the implementation of an ISMS, SGS or SGCN and, consequently, certification of operations, services or companies to the ISO27001, ISO20000 or ISO22301 standards.

In order to support companies in this process of evaluation and adaptation to the requirements of the LGPD, [SAFEWAY] has in its portfolio of services, the Cybersecurity Health Check whose objective is to carry out a diagnosis of the CyberSecurity, Information Security and Data Privacy implemented in your company, contemplating the pillars of Law SuitPeople and Technology.

through the Cybersecurity Health Check, risks associated with information security and privacy of internal processes and activities are identified, existing controls and new controls evaluated according to the size of your organization to increase the level of maturity and compliance, in accordance with good information security practices. If you would like more information, contact one of our experts!