Advanced persistent threats and targeted attacks:
Fortunately, advanced capabilities are available to help you detect, analyse, and respond to these attacks before damage is done.
Why they’re different
Based on extensive prior research, targeted attacks and advanced threats (sometimes also referred to as advanced persistent threats, or APTs) are purpose-built to breach your network and steal your data, intellectual property, and communications without being detected.
Targeted attacks and advanced persistent threats:
Targeted attacks and advanced persistent threats have led to many of the major data breaches of recent years. Organizations of all kinds and sizes—including yours—are at risk. Indeed, your network may well already have been compromised.
Targeted attacks are as much a strategic business concern as they are a security concern. The consequences go well beyond creating headaches for your security professionals. The strategic impacts of targeted attacks and advanced threats include:
Unexpected strategic impacts:
Unexpected career impacts:
Detecting the Attacker with Trend Micro Deep Discovery Inspector
Deep Discovery Inspector is an advanced network protection appliance that monitors virtually all network traffic to identify and analyse malware, command-and-control (C&C) communications, and evasive attacker activities that are invisible to standard security. Unlike standard security solutions, Deep Discovery Inspector:
· Scans all network ports and over 80 network protocols for broad coverage.
· Accurately detects advanced malware by using custom sandbox images that precisely match system configurations.
· Uses multiple techniques to identify attack signals across a range of endpoints and mobile devices, including Microsoft Windows, Apple OS X, and Android.
Blocking Attackers with TippingPoint Next-Gen IPS and Next-Gen FW
TippingPoint NGIPS and NGFW deliver high-performance inline protection against a broad range of attack elements including malware, C&C, and vulnerability exploits. The TippingPoint Security Management System (SMS) provides central management, policy control, and SIEM integration to enable enterprise-wide investigations.
When integrated with Deep Discovery Inspector, NGIPS and NGFW can block newly discovered C&C paths identified by Deep Discovery sandbox analysis. Deep Discovery Inspector maintains a real-time link with TippingPoint SMS to convey Indicators of Compromise (IOCs), which SMS broadcasts to all TippingPoint devices per explicit policy management configurations. The devices can then block all subsequent C&C traffic to or from the C&C location for any host on the network.