Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
The third goal is to initiate the primary mission of the attackers which may be to steal sensitive information, monitor communications or simply to disrupt operations. The last goal is to leave the compromised computer without being detected McAfee, 2010()
Effect of APT on the National Security
Advanced persistent threats are designed to steal sensitive information by stealthily innovatively and tactically evading the detection by common malware software. Advanced persistent attacks are usually targeted to be large-scale attacks. The main goal or objective of the attack is to steal intellectual property from the compromised computers. There have been cases reported where organizations have lost millions and even billions in terms of information from research. In some cases, certain organizations have even been bankrupted because they were unable to compete in a cost effective manner with their competitors after these malicious competitors had stolen their intellectual property.
In the year 1990, Ellery Systems which is located in Boulder, Colorado suffered a huge blow when one of the company employees sent sensitive information to one of the largest competitors of the company who is located in China, Beijing Machinery. This led to Ellery system going bankrupt and was also partially responsible for the creation of the Economic Espionage Act of 1996. Another case is the DuPont case where Gary Min, one of the company employees stole about 400 million dollars in intellectual property and sold it off to an Asian competitor called Victrex in the year 2005. Just a few years after this incident, another employee of DuPont stole intellectual property relating to a new monitor that was as thin as paper that the company had devised and gave it to his alma mater at the Peking University in Beijing. The same value that is placed in this kind of intellectual property theft cases can be placed by cybercriminals who institute APTs for this reason McAfee, 2010()
These instances described above show that advanced persistent threats can be a national security issue. These kinds of attacks can have a huge impact on the revenue, branding and shareholder faith in a particular government venture or ministry and this can also lead to lawsuits and regulatory penalties from trade partners and other larger regulatory institutions such as the International Monetary Fund and the World Bank.
APT attacks can also be used to attack a critical point of the global economy such as the electrical grid. With the world currently becoming computerized and almost everything being controlled by computers and electricity, an attack on the electrical grid system could have a huge impact on the whole city. Imagine a situation whereby an attack is conducted on the country's electrical grid. When the power goes off, many other activities will stop. For example, the safety systems of nuclear plant reactors run on electricity therefore these will shut down too. Supplies to ATMs, gas stations, grocery stores and other premises will also be depleted since there will be no way of tracking down the stocks that need replenishing. Hospitals will also suffer greatly since they will not be able to keep up with emergency services such as the intensive care unit (ICU). These preempted harmful effects of an attack on the national electrical grid system are but one example of the national risk of an APT McAfee, 2010()
Combating the advanced persistent threat
Mitigation of APTs is quite a difficult process. This is because the APT...
The APT is usually designed to evade antimalware software and to uniquely beat these soft wares in terms of entry into the system, gathering of information and exit. This is what makes APT mitigation difficult.
However, with the use of careful monitoring of the systems and computers, it is possible to mitigate APTs. It involves more than just the prevention of antimalware software or data loss. Therefore, it is not just sufficient for the company to spend a lot in terms of firewalls, monitoring and antimalware software or other such similar tools. Skilled attackers can still be able to easily maneuver their way round these security measures with ease. Although these tools are an essential first step in the prevention of APTs, they are not complete solutions for this Andress, 2011()
All the security in the world can be in place, but if these tools are not actually monitored, they may as well be disposed of to save on the utilities. Attackers count on these tools being simply plugged in and ignored, or not even being capable of detecting the social engineering or zero-day attacks they are using. Andress, 2011()
The only way to defend from APT is through regular logging and monitoring of all system activities in order to be able to detect illegal accesses no matter how stealthily they may be hidden. This also helps to develop a baseline for normal network and host activities which are critical in detection of the APT attack. This baseline also helps in the monitoring process since it becomes a reference value to help the monitoring team know even when there is a slight spike in usage. Another important thing is to test the system regularly to check if defense measures are working as desired and that the system is logging and monitoring itself effectively. Keeping in touch with news is also important since it helps the monitoring team to know of changes which are happening in the fast evolving computer world Andress, 2011()
Conclusion
Advanced persistent threats have three important components. These are that they are advanced, persistent and that they pose a threat. These components help to differentiate APTs from less advanced attacks. Since they are carried out over a long period of time, they are usually carefully designed to stealthily hide from common antimalware software. Therefore, the mitigation of APTs is quite a difficult process. The effects of an APT attack can run into the billions and this poses a national security problem and this is why all measure should be taken to mitigate the risk as early as possible.
References
Andress, J. (2011). Attacker Sophistication Continues to Grow? ISSA Journal, June (2011), 18-25.
Knapp, E.D. (2011). Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems. Amsterdam: Elsevier Science.
McAfee. (2010). Advanced Persistent Threats. Santa Clara, CA: McAfee.
Surhone, L.M., Tennoe, M.T., & Henssonow, S.F. (2010). Advanced Persistent Threat. Saarbrucken: VDM Verlag Dr. Mueller AG & Co. Kg.
goals of this study are to reveal some of the common and prevailing cyber security threats. Here we plan to explore the risk that is most difficult to defend: social engineering. We seek answers to the human elements and characteristics that contribute to the frauds and how they themselves unwittingly give out information that eventually leads to difficult situations. There are many ways in which the attackers 'phish' their
IT Security Plan The technological advances that have been witnessed in the past twenty to thirty years, has placed a tremendous emphasis on data and information. Computers have changed the world in many facets and the ability to communicate and perform work have been greatly assisted by the digital age. Along with these new found powers, there exists also new found threats. The ability to protect these investments and resources of
According to Toronto Star reporter Stephan Handelman in an article printed in 2005, the U.S. senior intelligence analysts consider China to be the greatest long-term threat to U.S. stability. China's military force and computer intelligence has reached its peak. Both the Europeans and the U.S. agree that the expansion of the Chinese military is more than "worrisome." Another article posted on November 16, 2007 by the Washington Post claims that spying
Metrics, Implementation, and Enforcement (Security Governance) How can you determine whether there has been a malware outbreak? The threat situation today has become more dangerous than in the past. Security and safety threats have been increasing in an alarming rate; there are more than 70,000 brand new bits of malware recognized daily. Well-funded cybercriminals have been currently making advanced malware that has been made to bypass present security options by launching prior
Persistent Threats (APT) Summit occurred in July of 2011 over two days in Washington DC and was an attempt to bring together the top leaders from the government and from business to help target the influence that such threats pose. The summit also functioned as a means for drafting up ways to protect against the most detrimental APTs and to discuss defense mitigation (rsa.com). Advanced Persistent Threats are essentially
Network Security Management From the onset, it is important to note that for data to flow from one computer to another, such computers should be interconnected in what is referred to as a network. With such interconnectedness comes the risk of data interception and it is for this reason that network security is considered crucial. In the recent past, the number of corporations that have experienced attacks on their computing resources