Posted by: Ken Harthun
APT Attack, Chinese Hackers, Cyber-criminal, Cybersecurity, Security, Targeted attack
As you know, I’m a big fan of SANS Institute; their site, their various newsletters and their wealth of knowledge about cybersecurity are unparalleled. One day, I hope to be able to take some of their excellent training courses. In the meantime, however, I continue to peruse their newsletters and learn what I can.
The latest issue of SANS NewsBites, March 9, 2012, Vol. 14, Num. 020, begins with this blurb written by Alan Paller, director of research for SANS:
The managing partner of a large New York law firm had a visit from the FBI in which he learned that the files of every one of his firm’s clients had been copied from the law firm’s servers and placed on servers in Asia known to be used as transfer points in APT attacks (APT translates loosely to Chinese, he learned). Nine days later, he and another partner from his firm came to my house on a Sunday morning for a conversation. They wanted to know why the intruders wanted the data, how they got in, why the firewalls and AV and other security tools their consultants told them to install didn’t stop the attacks, and how they could be stopped in the future. The conversation is posted at http://www.sans.org/security-resources/cybersecurity-conversations
This four-part series is a fascinating read, and I highly recommend it to anyone who is curious about the types of targeted attacks that are out there and how to protect yourself from them.