APT (Advanced Persistent Threats) & Strategies to Counter APT
Post on 13-Jan-2017
Avkash Kathiriya
Information Security Researcher
AGENDA
• What is APT?
• History of APTs
• Attack Threat types
• Cyber Kill Chain
• Strategy to counter APT
2/28/2016 APT & STRATEGIES TO COUNTER APT BY AVKASH K 2
WHAT IS APT?
• Advanced – Combination of attack methods and tools
• Persistent – Continuous monitoring and interaction
– “Low-and-slow” approach
• Threat – Attacker is skilled, motivated, organized and well funded
APT is a term coined by the U.S. Air Force in 2006
HISTORY OF APT
RECENT PAST OF APT
http://www.theverge.com/2014/11/30/7309375/dvd-rips-of-fury-annie-mr-turner-and-still-alice-hit-the-web
http://www.cnet.com/au/news/how-target-detected-hack-but-failed-to-act-bloomberg/
http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target
ATTACK THREAT TYPES
• Nuisance
– Attacks are opportunistic
– Organization is targeted because it is vulnerable
• Insider
– Trusted insider steals data
– Difficult to prevent, but detection and attribution are possible
• Hacktivists
– Motivated by a cause
– Determined but not always sophisticated
• Financial & Intellectual Property (IP)
– More sophisticated attacks
– Typically target information for financial or competitive gain
• State-sponsored
– Persistent and targeted
– Attacks continue until targeted data is obtained
CYBER KILL CHAIN
APT IN ACTION
STRATEGIES TO COUNTER APT
No single protection technology is a silver bullet.
Since no silver bullet exists to defeat APTs, what you need is a strategy to defeat them.
IT’S ALL ABOUT HUNTING THE “UNKNOWN”
GARTNER FIVE STYLES OF ADVANCED THREAT DEFENSE
SANDBOXING
A sandbox is a security mechanism for separating running programs.