Earlier this week, on May 13, 2015, the InfoSec Institute published an article titled “Anatomy of an APT Attack: Step by Step Approach,” explaining what is involved in creating and executing APTs (Advanced Persistent Threats), the type of sophisticated cyber attack that can keep security professionals at even the largest and most tech-savvy organizations and agencies awake at night. These types of attacks are not only highly effective and hard to detect, but they also typically allow attackers to maintain a long-term presence on a network to exponentially magnify the effects of their successful intrusion, both internally and beyond.
Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), a premier national provider of cyber security solutions headquartered in New York City, has lived on the cutting edge of the cyber security industry since the infancy of the Internet, and has seen firsthand just how far the ripples of a successful APT attack can reach. “APTs are certainly not the most prevalent type of cyber attack, but they can unquestionably be the most devastating. The sophistication of evasion techniques APTs are designed to use tends to allow for unfettered access to the targeted networks for amazingly long stretches of time, sometimes years, putting not only an organization’s ESI (Electronically Stored Information) and digital assets at risk, but also providing a pipeline to expand their attack to vendors, clients, investors or anyone else ‘connected’ to the compromised victim’s network. And for the whole circus to unfold, all it takes is something as simple as a single individual within an organization to take the bait of a phishing or spear phishing email and open an attachment or follow a malicious link. From there a backdoor gets installed and it’s off to the races.”
“APTs are not typically of the smash-and-grab attack variety; they are built for longevity. Although, if the attackers sense they have been or will be detected, they may accelerate the attack to do or get what they can while they’re in. That’s what makes testing regularity so important from a defensive front. The faster the attack can be detected, identified and eradicated, obviously the less severe the aftermath will be. Because the reality that must be faced is that there are always ways in and weaknesses must continuously be assessed, identified and remediated,” says Caruso. “Fortunately, strengthening cyber security doesn’t necessarily have to be expensive hardware or software based solutions, it can often come in the form of creating or updating security policy to keep everyone informed, trained and alert. No matter how you slice it, APT attackers have to first get their foot in the door, a vast majority of the time relying on social engineering against the human element to achieve that goal, so if you can stop that first event before it happens, you are way more than half way home.”
“For years we’ve been assisting hospitals, universities, financial institutions, businesses and corporations of all sizes to deal with the constantly evolving threats on the digital frontier,” says Caruso, “and so far we have never done a cyber threat vulnerability assessment, or a penetration test without finding numerous ways to help improve the client’s cyber security posture. Our background in dealing with such a diverse range of customers and such a wide array of threat verticals gives us great insight not only into the threats they face, but also how industry specific technologies are used and how they must conform from a regulatory compliance standpoint. And that means eliminating a lot of the guesswork and mistakes new players in our field often have to go through, while providing streamlined and effective solutions that don’t wreak havoc on the all-important bottom line.”
“The truth is, everyone is at risk,” warns Caruso, “and until every organization with a presence online routinely addresses the reality of cyber security threats, proactively - not only after an incident has been identified, the consequences can not only devastate their own organization, but the ripples and subsequent aftermath can have a reach that’s mind boggling, not to mention the hits to business integrity, client trust and potential liability issues that can be crippling.”
Global Digital Forensics understands that cookie-cutter approaches to cyber security are simply not adequate when applied to the myriad of unique needs different clients in different industries have. So GDF tailors solutions according to each client’s needs and constantly strives to update offerings and solutions to make them as effective and current as possible, including professional cyber threat vulnerability assessments, advanced penetration testing, social engineering testing, deep scan detection and analysis, policy and procedure review, regulatory compliance assistance and 24/7 emergency incident response.
Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit our cyber security page.