Targeted Attack Protection

By: Darin Barton CISSP, CISA

Targeted Attacks and Advanced Persistent Threats (APT) are now considered the number one attack vector for cyber criminals.

WHY? Because it works!

What exactly is the difference between a Targeted Attack and an Advanced Persistent Threat (APT)? In truth, they are similar, but APTs are generally thought of as being initiated by nation-states and focused mainly on the collection of data. High-value objectives, such as national defense and defense contractors, certain manufacturing sectors and the financial industry, are most often the targets of APTs.

Most organizations should be concerned with Targeted Attacks, since these attacks can be focused on stealing information, carrying out fraud or simply causing chaos within the network. In this kind of attack an unauthorized person gains access to a network and remains undetected for as long as possible. The goal of the attack is to gain ongoing, long-term access to systems without the end users or the IT administrative team knowing of the threat.

WHY ARE TARGETED ATTACKS SO SUCCESSFUL?

Social Media has provided criminals with a vast amount of personal information to select from:

  • Facebook
  • LinkedIn
  • Twitter
  • Pinterest
  • Instagram

Using this information, a cyber criminal can now aim an attack at a specific person, increasing the likelihood that the recipient will click an infected link or download a Trojan that infects their machine with a backdoor program. Even the most intelligent and sophisticated IT people can be deceived if the attack is done right. And, because some of these attacks are so complex, many endpoint security applications do not catch the malware being introduced.

HOW CAN YOU PROTECT YOURSELF?

Training your staff in Security Awareness has proven to be the best way to help mitigate everyday threats to your environment; however, regardless of the amount of training, attacks will continue to occur and some will be successful. When a successful attack happens, you need the ability to detect it as soon as possible and begin recovery procedures.

Using a threat emulation solution (also known as a sandbox solution) is one of the best ways to uncover malware or other attacks traversing your networks. Personally, I like the Trend Micro Deep Discovery solution for its in-depth security features and its ability to communicate with Trend-protected endpoints to dynamically isolate devices from the network; but Cisco FireAMP is another solution to look for. Depending on your approach to IT Security, your existing architecture and environment, both of these solutions should be highly considered and explored.

Darin Barton CISSP, CISA is a senior security professional in Toronto, Canada, with 20+ years of experience in cybersecurity and investigations, and is currently employed with Access 2 Networks Inc. (A2N).