Francis Cianfrocca, a leading expert on Advanced Persistent Threats, continues his overview of the issues following his first article on the topic in the InfoSec Perception blog. What follows is Mr Cianfrocca’s work with minor edits from M. E. Kabay.
Advanced persistent threats (APTs) attack with privilege escalation and operate through application accesses that, to network monitors, appear to be fully normal in terms of network source addresses, protocol syntax-correctness, and user authentication / authorization levels. Both detection and remediation of these attacks are critical business objectives; whether driven by regulatory or operational sensitivities, data privacy and application security must be maintained and the flow of data must continue without interruption.
Continue reading