Skip to content

Advanced Persistent Threats A Main Concern After ‘Year of the Hack’

Advanced Persistent Threat attacks (APT) are the leading cybersecurity concern for security professionals, according to recently released survey results.

Bit9’s “Year of the Hack” survey asked 765 IT and security professionals across several industries about their main cybersecurity concerns and what steps were being taken to secure company networks. Sixty percent of respondents named APT attacks as their main concern.

“When you look at the number of data breaches that have occurred this year, and that includes RSA, Lockheed Martin, the International Monetary Fund, Oak Ridge Laboratories…and the very high profile attacks from LulzSec and Anonymous, pretty much across the spectrum we’ve seen a rash of high profile, highly-publicized data breaches,” Bit9’s chief technology officer Harry Sverdlove told Security Management.

APT attacks are especially damaging because they target an organization’s intellectual property, whether it be state secrets or customer lists. Attacks have increased in volume from years past. Given that most data breaches aren’t disclosed, known attacks are just the tip of the iceberg, he said.

Tom Murphy, chief strategy officer at Bit9, said the survey shows that companies are increasingly worried about APT attacks, but aren’t taking the necessary precautions to secure their networks.

“Companies are gambling on a losing game by failing to put security policies in place. It’s not a case of if a breach will occur, but when and how severe,” Murphy, said.

Bit9 says companies allow risky behavior by being more hands-off in their approach to software usage policies.

Survey data shows that relaxed download policies have increased 12 percent from 2010 and 22 percent since 2009. Sixty-eight percent of respondents use restrictive administrative rights to control and prevent unauthorized software, but half of companies that responded allow users to download and install applications themselves.

Respondents that allow users to download software often find music and social media applications, in addition to viruses and malware, on their computers.

Additionally, almost 80 percent of companies allow employees to use removable storage devices, possibly exposing themselves to the loss of sensitive data, while increasing exposure to malware.

Sverdlove said this happens because many security practitioners are operating using a dated paradigm. Companies use more relaxed policies because they feel like more flexibility will allow their users to be more productive.

Similar to a terror watch list, the companies use lists of known attacks to watch for incoming threats. But these “bad lists” are ineffective for newer attacks that are usually customized to their targets.

“When people have lived in a certain paradigm for so long it’s difficult for people to adapt to the evolving threat landscape,” Sverdlove said.

The “Year of the Hack” has also made researchers more aware of what Sverdlove called “the perfect storm” of enemy actors. In addition to threats from hacktivists, recent breaches show that criminal organizations and nation states are also capable of launching effective and long term cyberattacks.

infographic coutesy of Bit9. For the full version click below.Bit9_InfoGraphic.jpg