Like nuclear submarines, Advanced Persistent Threats pose a significant risk. Hidden in the bits and bytes of the digital world, these threats can erupt at any time. The key deterrence factor isn’t just potential damage but also not knowing when something untoward will occur.
What is an Advanced Persistent Threat?
An Advanced Persistent Threat, or APT, is a cyberattack that disrupts regular operations, for example by stealing data or disabling critical systems. What sets these threats apart is their ability to stay hidden for extended periods.
Imagine a competitor planting a spy in your organization. The spy sits there, not doing any overt damage. Meanwhile, anything you do in the office is being dutifully reported to your competitor. Plans are put at risk, weaknesses are laid bare, and you always end up a step behind.
An unknown risk is one of the most challenging to mitigate. Like in any fight, it’s most often the blow you don’t see coming that delivers a knockout punch!
Chong Yat Chin
CallNet Solution Managing Director
Notable APT Statistics and Incidents in Malaysia
Most APTs aim for high-value targets such as government agencies and financial institutions. However, the modus operandi of most APT attacks relies on infecting servers along the way, so other organizations can suffer collateral damage.
APT incidents in Malaysia include:
- FunnyDream was a long-running APT campaign targeting several countries, including Malaysia. Its objectives included domain registration, data collection, and remote command execution.
- In 2021, the Naikon APT group launched a new RainyDay backdoor attack targeting Malaysian military agencies. Its objectives included executing password dumps and lateral movement.
- The APT group ToddyCat targeted Microsoft Exchange servers in Malaysia and other countries between 2020 and 2021. The aim was code execution and lateral movement.
How to Protect Yourself From APTs
Aside from being a hidden risk, APTs are difficult to guard against because they often employ varying strategies. Protecting yourself from APT attacks therefore requires advanced, multi-layered defenses.
Here are some ways you can fortify your defenses against APTs:
- Prioritize Network Security: Your first step should be to protect your network with a robust firewall and an intrusion detection system.
- Robust Authentication Protocols: As with personal accounts, require your employees to use multi-factor authentication (MFA). This makes unauthorized access more challenging.
- Regular Software Updates: Keep all software up to date. Many APTs target application vulnerabilities. Even known and patched vulnerabilities have been re-targeted.
- Education and Training: Humans are often the weakest link in IT systems. Regular training on security best practices is vital to organizational safety.
- Network Monitoring: Deploy network monitoring that raises alerts on anomalies, and review network traffic regularly for unusual activity.
- Microsegment Your Network: Divide your network resources into small blocks. This limits an attacker’s access even if they breach one segment.
- Control Access: Don’t offer employees blanket access to system resources. Only provide access to subsystems necessary to fill specific roles.
- Endpoint Protection: A fancy name for device-based security solutions like Internet Security apps. Ensure all devices connecting to your business network are adequately protected.
APT protections for enterprises
Southeast Asia is a burgeoning digital hub, and Malaysia plays a key role thanks to our digital economy initiatives. While helping us build a high-value society, it also makes us a prime target for threat actors from other nations.
Just because APTs aren’t a high threat to individuals and small businesses doesn’t make the risk disappear. APT attacks often use any resource to reach their intended targets. One day, that resource may be your company server.
Don’t risk becoming collateral damage. Talk to a cybersecurity professional from Callnet Solution today and learn how to safeguard your systems.