Advanced Persistent Threat Hacking (APT) Introduction
Summary
This document introduces Advanced Persistent Threat (APT) hacking. It analyzes the motives and capabilities of different types of attackers in the digital realm, and examines the different types of threats and their characteristics.
ADVANCED PERSISTENT THREAT HACKING (APT)
Introduction – Part One
Public

FACTS
When you decided to use the Internet, you joined a war
- In the past, a bank had to worry about physical security threats and tangible people.
- Nowadays, banks are being attacked by intruders from countries with unfamiliar names who utilize attacks that exist only digitally.
- Countries' laws are struggling to deal with the constant barrage of foreign attackers.
- The Internet makes it possible for an attacker to appear to originate from any country he wishes.

FACTS
- In the modern digital era, everyone connected to the Internet is under constant attack, both businesses and home users.
- Most times, the people compromised are just random victims of criminals who want to steal as much data as possible, package it up, and sell it to the highest bidder.
- Your computer resources are still valuable to an attacker.
- A compromised computer represents another processor to attempt to crack passwords, send spam e-mail, or another host to help knock down a target in a distributed denial of service (DDoS) attack.

FACTS
- The world has become a playground for anyone who understands technology and is willing to bend the rules.
- We live in an age where anything is possible.
- In Chapter 2, you will see some interesting and enlightening real-world examples.
- We are reminded on an almost daily basis of the struggles of corporations by headlines alerting us to the latest breach.
- Major infrastructure has been called "indefensible".

FACTS
- Want to know where your celebrity crush will be this weekend? I will just hack her e-mail account and meet her there.
- Want to know what product your competitors are developing for next year? I will just hack their network and check out the blueprints.
- Did someone make you angry? I will just hack their computer and donate every cent they have to charity.
- Cannot afford to get into the hottest clubs? I will just hack them and add myself to the VIP list.
- This is only the tip of the iceberg. In the digital dimension, the only limits are those of your own imagination.
- The threat is much more real than you think, and it is only getting worse.

Defining the Threat
- The cold, hard truth is that at this very moment, regardless of the defense you have in place, I can get access to any and all of your private data.
- Motives + Capabilities = Threat Class
- Threat Class + History = Threat

Attacker Motives
Threat: Motives
- Hackers: Motivated by curiosity and intellectual challenges
- Cyber criminals: Motivated to make quick and easy money through the use of cyber-tactics, primarily on the Internet (e.g. scams through emails)
- Hacktivists: Motivated by a political agenda: hackers for a cause
- Hacking groups: Motivated to gain fame and recognition and to push an agenda
- Nation-states: Motivated by national security and political/national agenda
- Organized crime: Motivated to make money by utilizing technologically gifted individuals
- Techno-criminals: Motivated to make money through the use of technology; think of them as technologically enabled con men (e.g. credit card skimmers)

Threat Capabilities
- Unsophisticated Threat (UT)
- Unsophisticated Persistent Threat (UPT)
- Smart Threat (ST)
- Smart Persistent Threat (SPT)
- Advanced Threat (AT)
- Advanced Persistent Threat (APT)
APT has the most advanced skill set of all.

UT & UPT
- UT can focus on specific threats. They use point and click to execute a specific attack, and require virtually no skill.
- UPT will use the same methods and have virtually the same set as a UT, but will focus more of their efforts on a specific target.

ST & SPT
- ST represent a class of attackers with good technological skills, and if the attack does not work they move on to a different target.
- SPT represent a class of attackers with good technological skills, and they have a wide range of attack vectors to choose from. They will strategically choose the method that works best for the target organization.
AT & APT
AT attackers have:
- Big picture/strategic thinker
- Systematic/military approach to attacks
- Preference for anonymity
- Selection of attack from larger pool
APT is a threat with advanced capabilities that focuses on compromising a specific target. The attacker will persist against the specific target of interest until he or she achieves the goal. The two most likely attackers are Nation States and Organized Crime.

Goals of APT
- Stealing intellectual property (corporate espionage)
- Stealing private data (insider trading, blackmail, espionage)
- Stealing money (electronically transferring funds, stealing ATM, credentials, etc.)
- Stealing government secrets (spying, espionage, etc.)
- Political or activist motives

Threat Class
Motives + Capabilities = Threat Class
- Hackers + UT = Unsophisticated Hacker
- Nation States + APT = Advanced Persistent Nation
- Nation States + UT = Unsophisticated Nation
- Techno-criminals + ST = Smart Techno-criminals

Introduction: Part Two

APT Hacker: The New Black
- The APT hacker is a single individual with an advanced skill set and methodology, which gives them the ability to target and compromise any organization they choose, gaining access to any desired assets.
- APT hackers do exist within groups and will continue to be recruited by nation states and organized crime.
- Likewise, it is completely feasible that a collective group of smart hackers could prove to be just as effective as a single APT hacker.

Targeted Organizations
- No organization, either small or big, is safe from the APT hacker.
- Every organization, such as government, military agencies, defense contractors, banks, financial firms, utility providers, etc., can be compromised.
- Small organizations with small budgets are most vulnerable.
- Hackers can stay undetected within a small organization for a long time.