Advanced threats have evolved from advanced malware to highly orchestrated attacks.
Here’s how Arbor uses advanced threat protection techniques to help fight off any APT threat. Traditional forms of advanced threat prevention are insufficient to defend against organized human adversaries using sophisticated combinations of tools and techniques across complex IT environments.
For years, the industry has concluded that an APT threat involves some sort of malware in order to be successful. While malware can be used to exploit a target, a change in the APT threat landscape has taken place, which extends beyond the need for malware or 0-day exploits; attack campaigns.
Attack campaigns are not just a one-and-done attack hoping to compromise an endpoint, but rather an objective focusing on a specific motive and mission with the intention to persevere until the campaign is deemed successful.
APT threat attack campaigns are:
- Carefully planned incursions that draw on many APT threat attack tools and techniques
- Crafted by well-funded human organizations
- Tools and techniques of are designed by default to by-pass conventional advanced threat prevention controls
- Proliferate on the network and create multiple paths or scenarios to complete the mission. Attack campaigns do not follow a simple sequence through an attack cycle
- A simple criticality/severity scoring fails to highlight the real risk from the people behind an APT threat
Looking at the anatomy of an attack with a stealthier adversary, it’s easy to see where an attacker is best able to move within the network and to avoid detection from advanced threat prevention methods: