What Enterprise Leaders Should know about Persistent Threats in 2019

Staving off critical threats in the current cybersecurity landscape is a tall order for any size organization. As hackers continually shift and improve upon their attack and breach strategies, IT and security stakeholders must do their best to keep up and remain informed of these trends. This is one of the best and most successful ways of staying ahead of the increasing wave of threats that impact businesses across industry sectors.

One particular security issue that’s come to light recently are persistent threats. Advanced persistent threats, or APTs, represent a category of their own, and attacks that fall under this umbrella can be especially damaging.

After delving through expert analysis, user behaviors, market trends and other resources, Trend Micro researchers have identified a few of the outstanding persistent threats that will emerge this year. Enterprise leaders that inform themselves and spread awareness of these security threats stand the best chance of safeguarding their company’s sensitive data, systems and intellectual property.

What is an APT?

As Trend Micro noted in its definition, APT is a term adapted from the military sector and applied to security to demonstrate threats carried out by attackers leveraging in-house tools. Because these approaches to attack and breach are not usually seen within the cybercriminal underground circles, they are unique and warrant their own classification.

However, as Trend Micro noted, APTs exist in a category of their own, and are different from persistent threats and targeted attacks. Where APTs are more sophisticated and leverage more original, in-house tools to support infection, persistent threats are those that use more recognizable and familiar strategies of attack. That’s not to say, though, that persistent threats aren’t a major security issue for enterprises.

In addition, the term “targeted attack” typically emerges in conjunction with the APT discussion. Although APTs can involve a specific target, there is a distinction to be aware of here.

“While targeted attacks also involve complex stages similar to APT. their targets are different; targeted attacks aren’t carried out by nation states,” Trend Micro’s definition stated. “Meanwhile, APTs are more sophisticated in nature and require deft knowledge and skills to execute. It is also typical of APT attacks to go after a country’s infrastructure, such as power grids, nuclear reactors, or fuel pipelines.”

This year, APTs as well as persistent threats will impact organizations and individual users alike. Let’s examine some of the threats outlined in Trend Micro’s new report, “Mapping the Future: Dealing with Pervasive and Persistent Threats,” as well as what these issues mean for today’s enterprise leaders.

APTs are their own unique type of attack.

Consumer threats: Social engineering and use of breached credentials

While business leaders may not be particularly concerned about threats that target individual consumers specifically, it’s important to have awareness of these, particularly if the organization operates within the tech or other advanced and highly-targeted sector. Consumer threats like those discussed in Trend Micro’s report may impact an organization’s client base or target audience. In addition, depending on the nature of the business, users may turn to the company as a trusted and authoritative source for information, awareness, tips and best practices. In this way, being informed and aware of consumer-targeted threats can benefit an enterprise.

Two issues to be aware of in this arena include a rise in social engineering attacks, and the fraudulent use of stolen credentials. As Trend Micro noted in its report, individual consumers will be hit with a considerably higher rate of social engineering attacks that leverage phishing techniques. Advanced threats like this prey on victims’ emotions, and utilize publicly available information to better tailor phishing messages and encourage successful intrusions.

Often, breaches center around data theft, including highly sensitive consumer information. News reports of millions of customers and their personal information being impacted by a breach are nothing new. But this year, experts predict a sharp rise in fraudulent activity connected with the theft of breached credentials.

“Breached credentials will be actively and heavily used in fraudulent transactions as cybercriminals take the next logical step after amassing data breach info dumps in past years: using these stolen credentials,” the report stated. “We will see cybercriminals signing up with stolen account credentials for mileage and rewards programs, and using them to register trolls for cyberpropaganda, manipulate consumer portals by posting fake reviews, or add fake votes to community-based polls — the applications are endless.”

As these types of instances of fraud increase, it can be helpful for organizations to put additional layers of vetting and verification in place for account set-up. Checking that an individual is who they claim to be can support more robust data security on the part of the organization and help reduce instances of fraud.

Automation and its impact on BPC

Business Process Compromise, or BPC, became a significant threat last year, wherein hackers breach certain business processes for profit. Trend Micro experts predict that this issue will not only continue this year, but will become heightened thanks to growing use of automation.

Automated software programs overseeing and managing key business processes will likely create increased opportunities for hackers to silently infiltrate. Making matters worse is the fact that this risk could travel up the supply chain and impact an organization’s vendors and partners as well.

In this way, it’s imperative for all automated systems to be properly vetting and strongly secured from the point of deployment to reduce the risk of BPC.

New players enter the APT arena

In addition to these robust predictions from Trend Micro’s report, security experts at Kaspersky Labs forecast a rise in APT activity, coming at the hands of newcomer threat actors. Reporting on Kaspersky’s predictions, Newsbytes noted that even novice individuals can now access resources to support successful APT attacks.

“The barrier to entry has never been so low, with hundreds of very effective tools, re-engineered leaked exploits and all kinds of frameworks, publicly available for anyone to use,” Newsbytes explained.

In particular, experts predict a rise in APT activity targeting organizations in South East Asia and the Middle East. Organizations inside and outside of these regions must be on the lookout for suspicious activity that can point to an APT attack, including the use of social engineering and zero-day vulnerabilities.

Safeguarding data in the age of persistent threats

In addition to these threats, Trend Micro also highlighted other security issues within its report, including:

  • Cybercriminals leveraging more advanced tactics to blend in and hide their malicious activity.
  • Rising exploit attacks being based on non-zero-day vulnerabilities.
  • APTs targeted industrial control systems heightening risks in essential service sectors.
  • Increasing risks to cloud software systems.

It’s imperative for enterprise leaders to aware of what’s on the horizon within the current and emerging threat landscape. Furthermore, stakeholders must work with their internal IT security leaders as well as their technology vendors to enable a proactive protection stance against these malicious tactics.

Check out Trend Micro’s report to learn more about the persistent threats that we’ll see this year.

Read More HERE