Advanced Persistent Threats and its role in Network Security Vulnerabilities

Feras Mohammed Almatarneh

Abstract


: The paper presents an overview of Advanced Persistent Threats (APTs), and its core concepts, life cycle and characteristic features. In addition, the key factors; actors, targets and motives of an APT were highlighted in detail. The critical challenges currently facing organizations due to APT attacks on its systems, networks and IT infrastructure were critically examined. Lastly, the potential strategies for mitigating APTs were identified and highlighted. The findings demonstrated that an APT is a series of long term, covert and persistent cyber threats that target, penetrate and exploit organizations, businesses or states to acquire valuable proprietary (industrial espionage) data or political reasons (activism) resulting in losses of over USD$500 Billion annually. Consequently, the prevalence and sophistication of APTs have soared astronomically accounting for 39% of all cyber-attacks on computer networks. Furthermore, the potential damage from APTs is responsible for 60-65% downtime, network disruption, and financial losses. Hence, the potentially damaging effects of APTs, has prompted various organizations to invest in cyber security programs and other mitigation strategies to timely detect, prevent and eradicate future APT attacks. The paper reveals that APTs can be mitigated by deploying computer analytics, network security mechanisms such as the “defense in depth” (D-in-D), network traffic introspection, and endpoint security measures. However, other strategies include the deployment of Advanced Persistent Security measures. In conclusion, the paper reveal that APTs pose significant threats to global computer networks and require considerable resources, and investment to forestall future problems.

Keywords


Advanced Persistent Threat, Network Security, Hacking, Vectors, Vulnerability

Full Text:

PDF PDF

References


Abomhara, M. (2015). Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.

Arsene, L. (2017). The Anatomy of Advanced Persistent Threats [Online]. USA: Dark Reading, UBM LLC Available: http://ubm.io/1xfLYhT [Accessed 5th August 2017].

Ask, M., Bondarenko, P., Rekdal, J. E., Nordbo, A. and Ruthven, P. (2013). Advanced Persistent Threat (Apt) Beyond the Hype. Project Report in IMT4582 Network Security at GjoviN University College.

Bodmer, S., Kilger, M., Carpenter, G. and Jones, J. (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. McGraw Hill Professional.

Brewer, R. (2014). Advanced Persistent Threats: Minimising the Damage. Network Security, 2014(4), 5-9.

Byres, E. (2008). Defense in Depth. Control Engineering Asia June 2008.

Choi, J., Choi, C., Lynn, H. M. and Kim, P. (2015) Published. Ontology Based Apt Attack Behavior Analysis in Cloud Computing. Broadband and Wireless Computing, Communication and Applications (BWCCA), 2015 10th International Conference on, 2015. IEEE, 375-379.

Choo, K.-K. R. (2007). Zombies and Botnets. Trends & Issues in Crime & Criminal Justice, (333).

Cobb, M. (2013). Advanced Persistent Threats: The New Reality [Online]. USA: Venafi Next. Available: http://bit.ly/2vrUuxZ [Accessed 6th August, 2017].

Command Five. (2012). Command and Control in the Fifth Domain [Online]. Germany: Command Five Pty Ltd. [Accessed 7th August, 2017].

Crossler, R. E., Bélanger, F. and Ormond, D. (2017). The Quest for Complete Security: An Empirical Analysis of Users’ Multi-Layered Protection from Security Threats. Information Systems Frontiers, 1-15.

Dean, G., Bell, P. and Newman, J. (2012). The Dark Side of Social Media: Review of Online Terrorism. Pakistan Journal of Criminology, 3(3), 103-122.

Dimaggio, J. (2016). The Black Vine Cyber-Espionage Group [Online]. USA: Symantec Security. Available: http://symc.ly/1D9K59m [Accessed 11 August, 2017].

Fire Eye. (2017). Advanced Persistent Threat Groups [Online]. USA: FireEye CyberSecurity. Available: http://bit.ly/2wNPn8t [Accessed 11th August, 2017].

Friedberg, I., Skopik, F., Settanni, G. and Fiedler, R. (2015). Combating Advanced Persistent Threats: From Network Event Correlation to Incident Detection. Computers & Security, 48, 35-57.

GitHub. (2017). Aptnotes [Online]. USA: GiTHub Inc. Available: http://bit.ly/1zL88YN [Accessed 11th August, 2017].

Industrial Control Systems. (2016). Analysis of the Cyber Attack on the Ukrainian Power Grid [Online]. Washington DC, USA: Electricity Information Sharing and Analysis Centre (E-ISAC). Available




DOI: https://doi.org/10.26483/ijarcs.v11i1.6502

Refbacks

  • There are currently no refbacks.




Copyright (c) 2020 International Journal of Advanced Research in Computer Science