APT Attacks More Prevalent: Report

Wednesday, October 21, 2015 @ 04:10 PM gHale

More than one quarter of organizations have already experienced an APT attack, a new study said.

In addition, mobile device security continues to lag at many organizations, even though the BYOD trend increases APT risk, according to the study from ISACA.

Cybercrime Costs Continue to Rise
Cyber Insurance on Growth Curve
Cyber Insurance Rates Skyrocket
Insuring Against Stuxnet
FTC Ruling Puts ICS Firms on Alert

Three-quarters of respondents said their organizations have not updated their third-party agreements to ensure better protection against APTs, which is a big concern since third-party relationships have resulted in significant breaches.

In one interesting development, organizations continue to have a preference for technical controls rather than education and training, even though successful APT attacks gain entry through social engineering attacks.

The survey report, which includes insights from over 660 cyber security professionals, said social engineering remains at the center of the APT’s efforts to gain footholds into companies’ information systems. Early attempts began with phishing, evolved to spear phishing, and moved on to whaling, which often included an attachment or a link that contained malware or an exploit. Over the past three years, APTs have moved on to the Internet as the main attack vector, leveraging web sites, social media and mobile apps.

Positive change is occurring as a result of the recent high-profile breaches. One major improvement is the increase in leadership involvement. Nearly two-thirds of the survey participants (62 percent) indicate organizational leadership is becoming more involved in cyber security-related activities, and 80 percent see a visible increase in support by senior management.

“Advanced persistent threats have become the norm. Many major breaches are connected to APT tools and methodologies,” said Christos Dimitriadis, international president of ISACA. “As a result, it is more critical than ever for cyber security leaders and professionals to have a thorough understanding of these threats, and to be prepared to quickly and effectively respond.”