
The Advanced Persistent Threat (APT) is a sophisticated and organized cyber attack to access and steal information from compromised computers. The intruders responsible for the APT attacks target the Defense Industrial Base (DIB), financial industry, manufacturing industry, and research industry. The attacks used by the APT intruders are not very different from those used by any other intruder. The main differentiator is the APT intruders’ perseverance and resources. They have malicious code (malware) that circumvents common safeguards such as anti-virus, and they tend to generate more activity than wanton “drive-by hacks” on the Internet. The intruders also escalate their tools and techniques as a victim firm’s capability to respond improves. Therefore, the APT attacks present different challenges than common computer security breaches.
Combating the APT is a protracted event, requiring a sustained effort to rid your networks of the threat. Therefore, the APT requires the victim organization to perform the following tasks more rapidly, efficiently, and effectively:
Compromised Systems
Evidence
Data
Threats
MANDIANT products and services can significantly reduce your costs while improving your incident response capability. We have responded to the APT at over a dozen sites where MANDIANT consultants have built an incomparable base of knowledge. MANDIANT combines our consultants’ knowledge of the APT with our MIR technology to provide our clients with a solution like no other. To learn more about how MANDIANT can assist your organization in combating the APT, please review “When Compromise is No Longer an Option” (Detect -> Collect -> Analyze -> Remediate).