Are You Protected from Advanced Persistent Threats?

Posted by Susan Sison on Aug 2, 2017 12:29:05 PM


Malware and cyber criminals are becoming more advanced. Is your IT security?

The rise of advanced persistent threats (APTs) drives the need to rethink IT security measures to deal with a new level of sophistication and an increased frequency of threats. Unfortunately, hackers are outwitting security measures faster than security professionals are adapting to new hacking techniques.

Just two months after the WannaCry ransomware caused an estimated $4 billion in losses, Petya was able to attack companies using the exact same EternalBlue vulnerability.

Fighting the onslaught of APTs requires a smart, collaborative, automated approach that’s capable of covering an increasingly complex network environment.

Network Vulnerability Increases

There are several factors that have led to the increase in network vulnerability:

  • Increasingly Distributed Networks: The growth of IoT (Internet of Things) and the cloud has led to the adoption of broader, more diversified network infrastructures that are much harder to secure. The Mirai malware discovered in August 2016 takes advantage of the increase in network devices by turning them into remotely controlled bots that can be used in large-scale network attacks. Fortinet’s Threat Landscape Report found 36% of organizations detected botnet activity related to ransomware in Q4 of 2016.
  • Advanced Persistent Threats Becoming More Sophisticated: One of the factors that makes APTs so difficult to guard against is the complexity of their attacks, which are designed to evade detection via anti-malware, anti-sandbox and anti-analyst techniques, along with a variety of other tactics aimed at fooling the systems and experts deployed to detect them. Attackers’ use of social engineering scams to release APTs into network environments makes them all the more difficult to thwart.
  • Lack of IT Security Adaptation: Traditional security technologies are struggling to cover the myriad of devices, users and information passing through increasingly complex networks. This makes it easy for ransomware and other malware to get lost in the noise. According to ISACA, 62% of organizations surveyed recently reported experiencing ransomware in 2016, but only 53% said they had a formal process in place to address it. As long as companies fail to put together a comprehensive network security program, they will continue to be vulnerable.

Benefits of APT Security Technologies

To combat APTs, security professionals need more advanced and cohesive security infrastructures that can monitor, detect and mitigate threats — without impacting performance. An advanced APT security solution should be:

  • Intelligent: An increasingly dangerous threat landscape demands a security solution that dynamically generates intelligence on previously unidentified threats, enabling immediate response and mitigation.
  • Collaborative: Today’s security infrastructures require an integrated security fabric managed via a single-pane-of-glass that leverages open APIs to automatically share actionable threat intelligence and coordinate threat response.
  • Edge to Endpoint Protection: Integrated networks need solutions that cover complex networks from edge to endpoint with highly scalable central controls.

An example of a comprehensive, integrated APT security solution is Fortinet’s Advanced Threat Protection framework, which weaves together critical threat prevention, detection and mitigation functions driven by continuous, real-time monitoring and analytics. As a Fortinet partner, NCA can deliver the advantages of Fortinet’s adaptive, best-of-breed security approach to protect your environment from advanced persistent threats. Contact us today.

Network Computing Architects, Inc. is a premier provider of high-quality, sustainable and secure networking, information security solutions and unified communications. We partner with our clients to provide answers to business initiatives where leading technologies converge.

NCA achieved ISO 27001:2005 certification in December 2007 and is currently ISO 27001:2013 certified. The scope of NCA's ISMS is client confidential information within NCA Professional Services Practice.