Computerware Blog
Tip of the Week: Here are 4 Signs to Catch APT Hackers In the Act
Working with technology can get pretty complicated and technical at times. We're here to help. We've got plenty of technology tips to share with the world, and we're going to unleash them on you once a week. For more helpful tech tips, search our previous blog articles. This week's tip will help you spot a nasty APT hack on your company's network.
There are several different kinds of hackers out there. You most often hear about the lone hacker attempting to infiltrate your email and steal your credit card credentials, but concerning your business, a hacker of this variety is small potatoes compared to hackers of the Advanced Persistent Threat variety--otherwise known as APT hackers.
APT hackers have bigger goals in mind than stealing a single person's personal data. Instead, APT hackers prefer to target businesses, looking for valuable and confidential files. APT hackers like to steal enough information and credentials so that they can fraudulently take on the identity of an entire company. Think about it: making a fraudulent purchase with a company's stolen identity will give a hacker much more purchasing power than ripping off the average schmoe of their few-thousand-dollar credit limit.
With APT hacking, you're dealing with something much more dangerous and more organized than a lone hacker. APT hackers work in groups and they use their numbers to successfully breach a network simply by overwhelming it. In fact, you may be surprised to learn that APT hackers work regular hours and may even work from an office--just like you!
An increased level of hacking leaves behind signs that you can look for in order to know if you've been hacked. The signs of an APT hack vary in scale and scope compared to the signs left behind by a lone hacker. However, an APT hack uses the same hacking techniques to gain access to a network; techniques like phishing emails or URLs that download malicious threats, like spyware and malware.
Here are four signs from InfoWorld that your business has fallen victim to an APT attack.
1. Increase in elevated log-ons late at night.
To pull off a major network takeover operation like APT hackers have in mind, they prefer to work under the cover of night in order to avoid detection. Be wary of increased login activity at night, especially by high-level users that have elevated privileges and permissions.
2. Finding widespread backdoor Trojans.
Once an APT hacker has access to your network, they will often install backdoor Trojan programs. Trojans are their insurance policy to ensure that they can get back into the network, even if the login credentials are changed by the network administrator.
3. Unexpected information flows.
Be on the lookout for "large, unexpected flows of data from internal origination points" to other internal or external computers. An example of this would be a user accessing their email from a foreign country.
4. Discovering unexpected data bundles.
It's common practice for APT hackers to aggregate stolen data to an internal collection point before moving it outside. Look for large chunks of compressed data hiding in places where it shouldn't be.
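To make sign 1 concrete, here is an added example (not part of the original post or the InfoWorld list) that counts elevated log-ons outside business hours per day and flags a day that jumps well above the earlier baseline. The log line format, account names, business hours, and thresholds are all assumptions made for illustration.

```python
import re
from collections import Counter
from datetime import datetime
from statistics import median

# Constructed sample records; the line format is an assumption, not a real product's log.
SAMPLE_LOG = """\
2024-05-01T09:12:44 LOGON user=jsmith host=WS014 elevated=no
2024-05-01T23:40:02 LOGON user=adm_backup host=SRV02 elevated=yes
2024-05-02T10:05:10 LOGON user=adm_kim host=DC01 elevated=yes
2024-05-02T22:58:31 LOGON user=adm_backup host=SRV02 elevated=yes
2024-05-03T14:20:00 LOGON user=jsmith host=WS014 elevated=no
2024-05-03T23:41:17 LOGON user=adm_backup host=SRV02 elevated=yes
2024-05-04T01:03:55 LOGON user=adm_kim host=DC01 elevated=yes
2024-05-04T01:09:12 LOGON user=adm_kim host=FS01 elevated=yes
2024-05-04T02:16:40 LOGON user=adm_lee host=DC01 elevated=yes
2024-05-04T02:47:03 LOGON user=adm_kim host=SRV02 elevated=yes
2024-05-04T03:30:29 LOGON user=adm_lee host=FS01 elevated=yes
"""

LINE_RE = re.compile(r"^(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d) LOGON user=(\S+) host=(\S+) elevated=(yes|no)$")
WORK_START, WORK_END = 7, 19  # assumed business hours (07:00-19:00 local time)

def parse(log_text):
    """Yield (timestamp, user, host, elevated) for each well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3), m.group(4) == "yes"

def nightly_elevated_counts(log_text):
    """Count elevated log-ons outside business hours, keyed by calendar day."""
    counts = Counter()
    for ts, _user, _host, elevated in parse(log_text):
        if elevated and not (WORK_START <= ts.hour < WORK_END):
            counts[ts.date().isoformat()] += 1
    return counts

def flag_increases(counts, factor=3, min_count=3):
    """Flag days whose count is >= factor x the median of earlier days (and >= min_count)."""
    flagged, history = [], []
    for day in sorted(counts):
        if history and counts[day] >= max(min_count, factor * median(history)):
            flagged.append(day)
        history.append(counts[day])
    return flagged
```

Days with no off-hours elevated log-ons do not appear in the baseline, so a quiet environment will flag sooner than a busy one; tune `factor` and `min_count` to your own normal.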
Because APT hackers aren't your ordinary garden-variety hackers, your business needs something stronger than an ordinary security solution. Computerware offers your company enterprise-level protection with our Unified Threat Management (UTM) solution. Our UTM solution is designed with serious threats in mind like APT hackers.
For added protection, Computerware can provide your business with remote monitoring as part of our managed IT services. With managed IT, we're able to detect any suspicious activity, like an unusual network login or a virus infection. We then take action and fix the issue from our end before it turns into a major problem. Taking preventive action like this can stop a hacker in their tracks.
Call Computerware at (703) 821-8200 to safeguard your business from the worst of the web.