Target Cyber Criminals to Stop Cyber Crime
Focus on the people, then the technology
Cyber criminals, threat actors, hackers—they know cyber crime pays. Your data and technology, stored in networks and the cloud, are vulnerable. And although the tactics, targets and technology of attacks are all important, your most powerful defense against cyber crime is to understand threat actors.
To effectively prevent and respond to cyber crime, you need to establish the motivations and methodology of threat actors. Here are two ways advanced cyber attacks work:
Targeted – Malware, such as spear phishing, is used to reach a specific machine, individual, network, or organization. This malware tends to be signature-less, or otherwise evades antivirus and other traditional cyber security efforts using the criminal's knowledge of the target.
Persistent – Advanced cyber attacks are initiated via a series of email, file, web, or network actions. These individual actions might remain undetected by antivirus or other traditional defenses, or be ignored as harmless or low-priority. However, the malware becomes entrenched and pervasive, and culminates in a devastating attack.
Malware that uses both of these methodologies simultaneously presents an advanced persistent threat, or APT. And any organization in any industry can be a target.