The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. In 2016, CSA released the ‘Treacherous 12: Top Threats to Cloud Computing + Industry Insights’ article to provide readers with a real-world glimpse into what is currently occurring in the security industry. InstaSafe has released a refresh of the 2016 article that includes new real-world anecdotes and examples of recent incidents that relate to each of the 12 cloud computing threat categories identified in the original paper.
“It’s our hope that these updates will not only provide readers with a more relevant context in which to evaluate the top threats but that the enhanced article will provide them with a real-world glimpse into what is currently occurring in the security industry.”
An advanced persistent threat (APT) is a targeted attack by cybercriminals or, in some cases, government institutions that uses multiple phases to first stealthily penetrate a network while avoiding detection and then obtain valuable information over an extended period of time. Advanced persistent threats are highly complex threats that differ from traditional threats in that they are targeted, persistent, evasive and extremely advanced. Spearphishing, direct hacking of systems, delivering attack code through USB devices, penetration through partner networks and use of unsecured or third-party networks are common points of entry for APTs.
Penetrating the defenses of a specific organization or country and then stealing information from them without being detected requires enormous amounts of research and time, and the entire process of an advanced persistent threat may take months or even years to fully execute. Because of the scope of an attack, as well as the costs and time involved, APTs are often initiated, either directly or indirectly, with the involvement of national or international government bodies.
Although APTs can be difficult to detect and eliminate, some can be stopped with proactive security measures. For example, it is critical that users be educated to recognize and handle social engineering techniques such as spearphishing, which is commonly used to introduce APTs. Awareness programs that are regularly reinforced are one of the best defenses against these types of attacks because many of these vulnerabilities require user intervention or action. The habit of thinking twice before opening an attachment or clicking a link should be ingrained in staff.
7.2 Business Impacts
Combating complex APTs may require more advanced security controls, process management, incident response plans and IT staff training, all of which can lead to increased security budgets. This cost should be weighed against the economic damage inflicted by successful APT attacks.
7.3 Anecdotes and Examples
The computer networks of two universities in Singapore were breached in April 2017 by hackers looking to steal information related to government or research. The affected desktop computers and workstations were quickly isolated, removed and replaced.