VRT: APT: Should your panties be in a bunch, and how do you un-bunch them?
‘The co-opting of APT [Advanced Persistent Threat] by the marketing folks has led to the point that people are classifying any malware, rootkit or bot as “APT”. Zeus is not APT, Aurora is not APT. APT is a level of threat, a description of the sophistication, patience and talent behind an attack. The attacks are targeted, typically involving both an exploit and social engineering. Emails containing PDF exploits don’t get spammed to everyone in the organization; they are sent to key individuals with convincing messages. Bots aren’t your commercial, off-the-shelf variety. They are custom built, hard to detect and typically have multiple instances and functions so an initial remediation sweep will appear successful but miss the deeper, quieter processes.
The attackers monitor the state and success of their attacks and channels. As one channel goes down, they activate another. If a node containing valuable data is cleaned, they’ll reinfect it from another computer. They know what they are doing.’


