APT 101: Understanding Advanced Persistent Threats
ฝัง
- เผยแพร่เมื่อ 27 ก.ค. 2022
- Every day there’s a new headline about a ransomware attack, data stolen from a company, or another “zero-day vulnerability” that is being exploited. But who is carrying out these attacks, why are they doing it, and how? Is your company at risk?
This 60-minute discussion with Katie Dodson from Hive Systems will walk you through the basics of Advanced Persistent Threats, touching on both nation-state supported and cyber criminal hackers and answering questions like:
❯ What are these hackers trying to steal from me and my company?
❯ What are the motives behind their attacks?
❯ How are they carrying out these attacks and how can I recognize one before it’s too late?
Understanding the motives and ways that Advanced Persistent Threats carry out their attacks is critical for implementing security measures and protecting your company’s data. This discussion draws on Katie’s years of experience in cyber threat intelligence for the Department of Defense, and will cover some of the more prevalent Advanced Persistent Threats, their motives, and the common vectors used to carry out their attacks. Join us for our discussion and learn how to protect yourself from Advanced Persistent Threats today! - วิทยาศาสตร์และเทคโนโลยี
Better than any of my professors. You made it way more interesting thank you for the Post
Very informative and great Hive Live - can't wait to tune in for more!
Well done! Really engaging and informative. I'd love to see a deep dive on "who joins an APT". Thinking profiling a few individuals who got caught/indicted. Great stuff, looking forward to more!
Great suggestion! We would recommend checking out "Spam Nation" by Brian Krebs for some investigative reporting about that
TTP is an attack fingerprint or attack vector according to what you mentioned?
There is nothing like shifting responsibility...
It would be very interesting and useful to get information about APT's backed by Western governments, eg UK and USA. Could you direct to any resources on those, the vulnerabilities they exploit and kill chains they use etc?
Great question! Most famously Stuxnet was rumored to have started in the west, but generally there isn't as much information available as other APTs. Why is that? Your guess is as good as ours!
@@HiveSystems The Western media is largely controlled by nations within the 5 eyes. They jealously guard the secrecy of their offensive cyber capabilities and 'encourage' their media to cooperate.
It worries me that, although we have a lot of threat intelligence on the kind of vulnerabilities, exploits etc used by 'external' APT's and we can incorporate this intelligence in our own cyber defenses, we have no idea about the vulnerabilities, exploits etc used by 'our boys' against 'our enemies'. So far as we know, there could be a whole suite of vulnerabilities kept secret from us, which we can't incorporate into our defenses, which leave us vulnerable.
This wouldn't be helpful to the overall global cybersecurity posture.
You don't keep yourself safe by making your neighbors less safe.
Put it this way not everyone is always China and Russia. Plausibility is the goal along with psy ops. Many of the attacks of these apts are relatively the same style of attack.
If you’re asking about the “west”, you have to watch channels outside the US. Info on the equation group is out there, they just leave them out in videos like this.