APT 101: Understanding Advanced Persistent Threats

Рет қаралды 9,611

2 жыл бұрын

Every day there’s a new headline about a ransomware attack, data stolen from a company, or another “zero-day vulnerability” that is being exploited. But who is carrying out these attacks, why are they doing it, and how? Is your company at risk?
This 60-minute discussion with Katie Dodson from Hive Systems will walk you through the basics of Advanced Persistent Threats, touching on both nation-state supported and cyber criminal hackers and answering questions like:
❯ What are these hackers trying to steal from me and my company?
❯ What are the motives behind their attacks?
❯ How are they carrying out these attacks and how can I recognize one before it’s too late?
Understanding the motives and ways that Advanced Persistent Threats carry out their attacks is critical for implementing security measures and protecting your company’s data. This discussion draws on Katie’s years of experience in cyber threat intelligence for the Department of Defense, and will cover some of the more prevalent Advanced Persistent Threats, their motives, and the common vectors used to carry out their attacks. Join us for our discussion and learn how to protect yourself from Advanced Persistent Threats today!

Пікірлер: 12

@SaiyanParmos Жыл бұрын

Better than any of my professors. You made it way more interesting thank you for the Post

@nimafarshchi5545 Жыл бұрын

Very informative and great Hive Live - can't wait to tune in for more!

@d00b3rt Жыл бұрын

Well done! Really engaging and informative. I'd love to see a deep dive on "who joins an APT". Thinking profiling a few individuals who got caught/indicted. Great stuff, looking forward to more!

@HiveSystems Жыл бұрын

Great suggestion! We would recommend checking out "Spam Nation" by Brian Krebs for some investigative reporting about that

@duraidthamer7388 Жыл бұрын

TTP is an attack fingerprint or attack vector according to what you mentioned?

@networknightmares7744 Жыл бұрын

It would be very interesting and useful to get information about APT's backed by Western governments, eg UK and USA. Could you direct to any resources on those, the vulnerabilities they exploit and kill chains they use etc?

@HiveSystems Жыл бұрын

Great question! Most famously Stuxnet was rumored to have started in the west, but generally there isn't as much information available as other APTs. Why is that? Your guess is as good as ours!

@networknightmares7744 Жыл бұрын

@@HiveSystems The Western media is largely controlled by nations within the 5 eyes. They jealously guard the secrecy of their offensive cyber capabilities and 'encourage' their media to cooperate. It worries me that, although we have a lot of threat intelligence on the kind of vulnerabilities, exploits etc used by 'external' APT's and we can incorporate this intelligence in our own cyber defenses, we have no idea about the vulnerabilities, exploits etc used by 'our boys' against 'our enemies'. So far as we know, there could be a whole suite of vulnerabilities kept secret from us, which we can't incorporate into our defenses, which leave us vulnerable. This wouldn't be helpful to the overall global cybersecurity posture. You don't keep yourself safe by making your neighbors less safe.

@tonyzone8999 3 ай бұрын

Put it this way not everyone is always China and Russia. Plausibility is the goal along with psy ops. Many of the attacks of these apts are relatively the same style of attack.

@user-zl6eo8zw4m 2 ай бұрын

There is nothing like shifting responsibility...

@rob1016ny 5 ай бұрын

If you’re asking about the “west”, you have to watch channels outside the US. Info on the equation group is out there, they just leave them out in videos like this.