(APTs), a balanced approach for survivability and sustainability in the Cyber Realm presented at Central Ohio InfoSec Summit 2012

by Curtis KS Levinson

Tags: Security

Summary: Advanced Persistent Threat (APT): APTs are attacks on US information technology and telecommunications infrastructure by known nation-state and other bad actors. These attacks currently take the form of phishing and spear-phishing attacks on US assets, both government and industry. Phishing attacks are extremely difficult to detect, and it appears from public sources that a portion of the attacks come from (spoofed) trusted domains, which makes filtering even more difficult. The primary remedy for such attacks is a combination of extreme user education/training and comprehensive Business Continuity Planning and Disaster Recovery (BCP/DR/COOP) implementation. Users need to be educated about acceptable practices for email messages with embedded URLs and the urgent need to NOT CLICK on embedded URLs. Any questions about the destination of an embedded URL MUST be directed to the message author, NOT acted upon in the email itself. Since bad things can, do and will continue to happen, recovery plans, programs and techniques must be up to the task of restoring critical functions as soon as possible. The quicker we can recover, the less effective the attack.