«

»

Jul 03

Advanced Targeted Attacks, ATAs

aka Canada’s a target for cyber attack

 

An advanced persistent threat (APT), also referred to as an advanced targeted attack (ATA), is an Internet-enabled hazard typically coming from a well organised collective of individuals.

It is advanced because the operators, the people, responsible for the threat are particularly capable at gathering intelligence with a variety of means, sometimes including, but not limited to, the Internet, telecommunications and satellite.

It is persistent as a key goal of such an attack is to maintain continuous access to the target stealthy, in essence being as invisible as possible.

And threat? This points to the ability, intent, motivation and coordinated actions of the people behind the attack.

This week, network security company Fortinet put out a white paper called Threats on the Horizon: Canada and the Advanced Target Attack. The paper highlights the desirability of Canadian companies and organisations as targets for cyber attack. The reasons are clear and plentiful.

I had the opportunity to meet Fortinet’s Security Strategist Richard Henderson in the company’s FortiGuard Threat Research & Response Labs in Burnaby, BC. We spoke about Canada as a target of cyber attacks, the sophistication of the attacks being perpetrated and what individuals can do to protect themselves and the places they work.

Richard Henderson’s job is about being observant and watching what happens online, good and bad:

“As a security strategist, a big part of my job is keeping on top of everything that’s happening on the internet … and especially [the] bad. Threat events, online attacks and trends in security.”

Education is important

“I believe education is one of the most important things … [showing] how people can protect themselves. I blog about this, chat with users and customers, about how to spot bad things that are happening on their computers—and how to react accordingly.”

For as long as Henderson remembers, he’s always been a, “computer guy,” and after university he did some technical software development writing, and seeing as computer security had always been a  hobby of his, he soon found himself at Fortinet where he began managing the documentation team, and then moved on to his current role as security strategist.

To see Henderson’s explanation of what an ATA is and also talk about the history of cyber attacks, please see sciwae.com.

Below is Henderson talking about when Canada became as much a target as any other country for cyber attacks:

Protect Yourself

So depending on the motives of cyber attackers, any person, company or organisation could become a target for ATAs. Here Henderson explains what a person can do to better protect against ATAs:

Aside from diligently verifying dubious emails from your bank or online vendors, there is the matter of updating your operating system and other applications on your computer.

Software Updates

Another way to protect against cyber attack says Henderson is to update, or patch, your computer software, “As soon as you possibly can.” This next clip sees Henderson talking on the subject of updating software for businesses and individuals:

To see Henderson talk about some real world incidents, difficulties that can arise when some come companies patch software and the case of TJ Max customer information being compromised, please see sciwae.com.

Virus Reverse Engineering

On a tour of FortiGuard Labs, Henderson introduces his anti-virus colleagues. This A-V team, along with others like it across the globe, look for viruses and work to, “Protect people from becoming victims of cyber-crime or fraud.”

Henderson goes on to talk about off-the-shelf malware—malicious software that is made available for sale—and the business-like manner in which the malware is distributed. Please see sciwae.com for this excerpt and others.

 

Wael Elazab

 

 

Be Sociable, Share!