期刊名称:International Journal of Computer Science & Technology
印刷版ISSN:2229-4333
电子版ISSN:0976-8491
出版年度:2013
卷号:4
期号:3
页码:346-351
语种:English
出版社:Ayushmaan Technologies
摘要:The term advanced persistent threat, orAPT, was first used by the U.S. Air Force backin 2006 to describe complex (advanced) cyberattacks against specific targets over long periodsof time (persistent). APTs first really hitthe headlines in 2010 when a worm calledStuxnet was found to be infecting supervisory control and data acquisition managementsystems produced by Siemens. Subsequentinvestigation revealed a cyber weapondesigned to shut down Iran’s nuclear programby tampering with programmable logic controllersused in its nuclear fuel processingplant. The sheer audacity and sophisticationof this attack created hysteria among securityprofessionals and network administrators, andhas led to a great deal of confusion aboutwhat APTs are and what they can do.Research into Stuxnet and the appearance ofDuqu and then Flame in 2012 have kept APTsin the spotlight.This is because of the complexity of attacks and the penetration of the attackers.Although our knowledge about APT is widening but side by side the attacks are themselves growing on a fast pace. Criminals using APTs want data, so that they could steal highly valuable information from an organisation;therefore the vulnerability of data increases and probability of being attacked also hikes.. Government agencies andorganizations in industries such as finance, energy, IT, aerospace, and chemical and pharmaceuticalsare the mostly likely to be the victims of APT infections, as are those involved ininternational trade. Users and organizations with access through business relationships tovaluable data, such as smaller defence contractors, are also beginning to be targeted. Andthe use of watering hole attacks may be heralding a change in tactic to mass infections,which are then sifted for any potentially interesting targets. Criminals are less likely to targetorganizations running critical infrastructure, but attempted APT-type attacks by hactivists and nation-states are on the increase. Any organization running industrial control systemslinked to the Internet is at risk. Administrators of some systems may be unaware that theirsystems are connected to the Internet, while systems installed some years ago, when cyber securitywas less of an issue, may not be adequately protected from attack. To protect your organization against APTs, it’s important to know what an APT is andwhat it isn’t. In this survey paper, we examine the history of the attacks in the contextof what’s happening today, analyze the ways in which the attacks are perpetrated, and provide recommendations for knowing when such an attack is animminent threat for your organization.
