Advanced Persistent Threats (APTs) and the Threat Landscape

Cybersecurity is anything but a numbers game. When it takes only a single breach to inflict serious damage on your business, defending against the majority of attacks isn't enough.

That's why it's best to focus our attention on the most dangerous threats we face, rather than those we face most often.

Known threats, accounting for about 70% of malware, are relatively easy to defend against. As long as we recognize the malicious code, we can block it: traditional signature-based methods typically cope with this.

A further 20% of malware comes under the banner of 'unknown threats'. Fighting these requires more sophisticated tools, but by using methods which go beyond standard anti-virus software, such as heuristics and dynamic whitelisting, we can combat these too.

Then there's the remaining 1%: advanced threats, which are multi-faceted, continuous and targeted attacks. Designed to penetrate a network, lurk unseen and collect sensitive data, once in place they can remain undetected for years.

Just as APTs are often multi-layered threats, an effective APT response needs to be multi-layered. Simple security tools are simply not enough. So what does this approach look like? The Australian Signals Directorate has developed an extended and thorough list of strategies to mitigate advanced threats. We believe that these strategies are just as applicable in Botswana and are a good place to start:

  1. Security Policies and Education: Companies need comprehensive and regular education on security issues encouraging the right behaviors

  2. Network Security: The structure of your network can greatly help to reduce the potential impact of an infection, exponentially decreasing your level of risk

  3. System Administration: Controlling and restricting user administration privileges through security policies can reduce vulnerabilities

  4. Specialized Security Solutions: Multi-layered protection


Key Mitigation Strategies:

  • Application control and whitelisting

  • Patching application and OS vulnerabilities

  • Operating system exploit mitigation

  • Host-based intrusion prevention

  • Dynamic analysis of email and web content

#malware #apt #threatlandscapebotswana #advancedpersistentthreats #botswana #security
