Cybersecurity Insight

Advanced Persistent Threats Terrorize DNC Network

23 Jun

Advanced Persistent Threats (APTs) seem to be all the rage within cyber crime circles. An APT is defined as an unwelcome user gaining access to a network and planting footholds in it for an extended period of time to steal information, and it seems APTs have even hit the political circuit. The DNC released reports that two separate attacks occurred on its networks, with one hacker group having infiltrated over a year ago.

These Advanced Persistent Threats weren’t sophisticated at all (just like others we’ve written about previously) – according to most reports, the attackers relied on the success of any number of spearphishing attacks. As many may remember, spearphishing attacks are perpetrated through an email the user receives with an infected link or attachment in the body itself. The user engages and presto! The hacker has unlimited access to the network and every endpoint.

What is interesting about these attacks is that while both are linked to known Russian military intelligence circles, the two were completely unrelated to one another. CrowdStrike, a cyber crime investigation firm hired to research and diagnose the issue, released a statement saying that one group (“Cozy Bear”) had deep footholds in the network for up to a year and was able to monitor and read all incoming and outgoing messages (emails, chats, you name it), while the second group (“Fancy Bear”) had been in for a shorter period of time and was intent on finding damning information about the Republican nominee.

A hacker going by Guccifer 2.0 – paying homage to the Romanian user behind the attacks on various US government branches and the like – just released a trove of documents to prove his involvement. Now, enterprise business owners don’t care whether Guccifer 2.0 or the Tooth Fairy initiated the hack; what matters is that these groups were able to stay in this network for months and years without getting caught.

Advanced Persistent Threats are hazardous to companies of all shapes and sizes. Make sure to implement a cyber security plan that fits your organization’s needs and morphs with the ever-changing threat landscape. Managing and monitoring your cyber security landscape will be the difference between battling an Advanced Persistent Threat and stopping it in its tracks.