Advanced Persistent Threats (APTs) are one of the most difficult challenges faced by the anti-virus community. APTs have made headlines in the last few years for breaching some of the most well-known enterprise networks (Gamer, 2009). The term Advanced Persistent Threat was first coined by the United States Air Force in 2006 to describe complex cyber-attacks against specific targets over a long period of time (Bejtlich, 2010). Such attacks were employed by nation states to penetrate other nations’ networks for security secrets and other defense data, unlike previous cyber-attacks that went after credit card and other personal identity information.
APTs employ far more sophisticated tactics than other types of attacks. They combine advanced technology with traditional intelligence gathering to gain entry to a network. They then stay hidden for long periods scoping out where targeted data resides and where vulnerabilities exist, and then develop customized attacks to breach these vulnerabilities and seize sensitive data. These blended and stealthy methods circumvent traditional network security that protects against known cyber threat signatures (ISACA, 2013).
The methods developed for an APT don’t always end with one attack. These techniques are often copied and applied by other perpetrators against other targets, including organizations of all sizes. Eventually, these techniques may be commoditized and turned into malware kits that are readily available to common hackers for a nominal cost (Rivner, 2011).
In this respect, the life cycle of an APT may extend for many years beyond its original target and victimize hundreds or thousands of other targets. The figure below shows the exploit code from the Aurora APT announced in 2010, which h...
... middle of paper ...
By implementing effective policies and controls, and maintaining a dynamic defense strategy, DTL Power can safeguard its information systems.
Team Results
Unfortunately, hacktivists that were threatening DTL Power managed to penetrate our defenses and take over part of our system. This threat actor was not in our system for a long period of time, but was still able to affect the uptime of our system. However, even though DTL Power was breached, the controls that were in place prevented the threat from becoming critical. As the summary report in Figure 1 displays, our Global National Security Index was > 100 and our Security Index was > 100.
and their use. In Committee on Deterring Cyber attacks: Informing Strategies and Developing Options (Ed.), Proceedings of a Workshop on Deterring Cyber attacks: Informing Strategies and Developing Options for U.S. Policy. Washington, D.C.: National Academies Press.
Mandiant is an information security company that deals with advanced threat detection and response solutions. It has investigated various computer security breaches; the major security breaches are attributed to advanced threat actors referred to as the “Advanced Persistent Threat” (APT). APT1 is one of the most prolific cyber espionage groups in China, and it has stolen a large amount of confidential data from 141 organizations all over the world. This report, released on 18 February 2013, provided evidence of the APT1 group’s identity, timeline, and details of its attack infrastructure, economic espionage, commands, and modus operandi.
When we hear the word Stuxnet, we believe this to be one of the first incidents involving the term "Cyber Warfare". Although the term Cyber War is still not exactly defined, we know that in the present day cyber attacks are on the rise and are constantly happening around the world. The cyber domain introduces a new attack vector for military war. The Stuxnet event puts into perspective how the logical cyber and computer realms can affect the actual physical world. Although the events of Stuxnet are highly debatable because we don't know the true origins of the Stuxnet programming itself, we can come to the conclusion that cyber attacks using advanced persistent threats from state-based organizations are very possible and are happening every day. The theory of Stuxnet is the belief that this worm was created by a highly organized team, which was probably funded by a government, and that its target was specific SCADA systems based in Iran, in an attempt to stop its nuclear facilities. We should be aware of the possibility of more advanced types of cyber attacks in the near future, and Stuxnet is a great example for us to prepare for future cyber conflicts. Throughout this paper, I will cover Stuxnet's discovery and evolution, the operation of the Stuxnet worm, the events leading up to and causing the creation of the Stuxnet program, and my personal analysis of this event. There are many resources from experts analyzing the Stuxnet event and program to which we can look for guidance and knowledge about the most important worm in malware history.
This presentation is on the topic of phishing. It will give you a better understanding of phishing, phishing techniques, how phishing works, an example of phishing, how to avoid becoming a victim, and what to do if you have been ‘caught’.
Having first appeared in Russia in 2005, where it was referred to as Winlock, the malware successfully scammed over £10m from unsuspecting victims before the Russian authorities arrested 10 individuals for involvement in such hackings in 2010; however, this hasn’t stopped the problem from growing. With such profits to be made, perpetrators have discovered new ways to spread the malware and to cash in at the expense of victims.
Stallings, W., & Brown, L. (2012). Malicious Software. In Computer security: Principles and practice (2nd ed., pp. 200-241). Boston: Pearson.
Paisley. "The Impact of a Cyber War." Defense Tech RSS. N.p., 16 Jan. 2008. Web. 21 Nov. 2013. (Source H)
Hettinger, Mike, and Scott Bousum. "Cybersecurity." TechAmerica Cybersecurity Comments. N.p., n.d. Web. 11 Mar. 2014.
Ques1: Provide a brief overview of the case study.
This case study is based on the European Union Agency for Network and Information Security (ENISA) examination of current and emerging cyber threats and threat trends for emerging technology areas. This will be followed by an explanation of threats, threat agents, technology areas and attack methods. This case study also provides a description of the procedure followed and a few descriptions of use cases of cyber threat intelligence. The primary contribution of the ETL 2014 lies in the identification of the top cyber threats within the reporting time frame. With the developing threat landscape, it makes a fundamental contribution towards identifying cyber threats.
In this globalized arena, with the proliferation of computer users as well as computer networks, associated risks such as malware attacks are also multiplying. As the proverb
As a student in cybersecurity, Sheehan’s article on the attack in Allentown proves just how detrimental the security of computer systems is, and what the consequences are for allowing a breach to happen.
The art of exploring various security breaches is termed hacking. Computer hackers have been around for many years. Since the Internet became widely used around the world, we have started to hear more and more about hacking. Only a few hackers, such as Kevin Mitnick, are well known. In a world of black and white, it’s easy to describe the typical hacker. A general outline of a typical hacker is an antisocial, pimple-faced teenage boy. But the digital world has many types of hackers. Hackers are human like the rest of us and are, therefore, unique individuals, so an exact profile is hard to outline. The best broad description of hackers is that all hackers aren’t equal. Each hacker has motives, methods and skills. But some general characteristics can help you understand them. Not all hackers are antisocial, pimple-faced teenagers. Regardless, hackers are curious about learning new things, brave enough to take steps, and often very sharp-minded.
Olender, Michael. “Keeping Pace with Cyber Power, Defense, and Warfare.” Journal of International and Global Studies 6.2 (2015): 55+. Academic OneFile. Web. 5 Oct. 2015.
The threats to the security of the United States Department of Defense, the national power grid and the Chamber of Commerce are very real and omnipresent. In August 2010, the Defense Department admitted to the first major cyber attack upon its systems. It was revealed that the attack actually took place in 2008 and was accomplished by placing malicious code into the flash drive of a U.S. military laptop. “The code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead.” (2) This quote, attributed to then Deputy Defense Secretary William J. Lynn III, is just part of the shocking revelations that were disclosed in his speech made on July 14, 2011.