The ISACA study “2015 Advanced Persistent Threat Awareness-Third Annual” tries to uncover information security professionals’ understanding of APT threats.
A new report published by the ISACA organization that surveyed more than 660 cyber security professionals reveals that more than one in four organizations (28%) have already suffered an APT attack.
According to the experts, the BYOD is increasing the APT risks and the large use of mobile devices is dramatically increasing the surface of attack of the companies.
Another element of concern are the third-party relationships that could be exploited by attackers to hit the companies. In many cases, APT targeted contractors and business partners in order to this a firm because they a worse security posture.
“Advanced persistent threats have become the norm. Many major breaches are connected to APT tools and methodologies,” said Christos Dimitriadis, international president of ISACA. “As a result, it is more critical than ever for cybersecurity leaders and professionals to have a thorough understanding of these threats, and to be prepared to quickly and effectively respond.”
75% respondents report that their organizations have not updated their third-party agreements to improve the resilience to APT attacks.
Overall, more than 67 percent of the 2015 respondents believe that their organization is prepared to respond to APT attacks to some degree, in 2014 the percentage was 74 percent.
Another sore point is the lack of attention in the training of staff, companies invest more in technical controls that training and education of its employees, this many expose the organization to social engineering attacks that is one of the most effective attack technique used by APT groups.
Most of the attacks start with spear phishing and watering hole attacks, it is very common to compromise targeted organizations by serving malware via email or through exploit kit hosted on bogus websites.
“Social engineering remains at the center of APT activity to gain footholds into information systems. Early efforts began with phishing, then evolved to spear phishing, and proceeded on to whaling, which often included an attachment or a link that contained malware or an exploit. However, over the past three years APTs have moved on to the Internet as the main attack vector (e.g., web sites, social media and mobile applications)” states the report.
The report highlights the increasing use of social media and mobile apps to spread the infection.
The report also revealed a positive evolution in the approach to cyber security of the organizations, the most important sign is the commitment of executives. 62 percent of interviewed confirmed that their organizational senior management is becoming more sensitive to cybersecurity issues.
This improvement can also be attributed to the increased level of awareness of APTs, probably due to the numerous APT attacks uncovered by security firms in the recent years.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.