This is part one of a two-part series on security in the "Age of the APT."
A widespread cyberespionage attack targeting high-level officials at multiple civilian federal government agencies has been underway and under investigation for months now, but neither the names of all of the victim agencies nor the extent of the damage incurred by the breaches may ever be confirmed publicly.
Welcome to the age of the advanced persistent threat (APT)-type attack, where cyberespionage by nation-state attackers is going on all the time across government and private industry, but public disclosure by the victims is mostly voluntary, very rare, and not exactly fully forthcoming. This latest attack on civilian agencies began in what has become typical APT fashion: a clever social engineering email with a malicious but legitimate-looking attachment, according to sources familiar with the attack. That method, as well as variants using a convincing-looking URL within the message, has been used to infiltrate other agencies, defense contractors, and corporations during the past few years.
One thing's for sure: No one is immune from these dogged attacks. "The majority of federal and nonfederal organizations that do any kind of important work of any interest, or overseas--probably most all of them have been hacked by APT-type actors," said security expert Steven Adair of Shadowserver. Adair says victims span just about every industry, from avionics to international law to human rights.
"Literally, no one has been spared over time," he says.