Tuesday, May 5, 2020

Characteristics of an Advanced Persistent Threat

Hard to detect
Never stop
Highly coordinated
May be state sponsored
Often carried out through social engineering

For example, a victim may be fooled into double-clicking an e-mail attachment containing malware, which then connects to a command-and-control center. The hacker controls the system, lurks on the network for days or months, finds valuable targets and exfiltrates data from them.

APTs can also modify software, rendering it ineffective or insecure. For example, the Apple software development toolkit (SDK) was recently hacked, rewritten and distributed by bad actors. Many Apple software developers downloaded the new toolkit from a third-party site, not the Apple site, because they felt the Apple site was running slowly.

Software developers were unwilling to wait for the slow downloads from the Apple site, so they were tricked into downloading from the third-party sites. Unfortunately, all software developed and uploaded to the Apple store with the hacked SDK was malicious.

The Apple SDK hack was effective and well-coordinated. Bad actors took advantage of an opportunity – the slow Apple SDK download site. Third-party distribution sites around the world promoted the SDK malware as a legitimate software package. If the software had been tested by a penetration tester or a cybersecurity analyst for vulnerabilities, the problem would have been identified immediately.