informa
Quick Hits

Advanced Persistent Threats: Not-So-Advanced Methods After All

Cybercriminals are taking a more systematic approach with their attack techniques, new IBM report finds
Cybercriminals behind heavily funded hacking operations are not necessarily using highly sophisticated malware to gain access to sensitive data or to spy on employees, according to a study released this week by IBM (NYSE:IBM).

Attackers behind many of the so-called advanced persistent threats are known for targeting specific organizations, infiltrating them and remaining stealthy for lengthy periods of time. But cybercriminals, even those backed by powerful nation-states, often use fairly common hacking techniques and less sophisticated methods to gain initial access to systems and steal data.

"More often than not, these efforts follow a path of least resistance and rely on simpler, tried-and-true methods rather than zero-day attacks and sophisticated malware," wrote Leslie Horacek, who authored the IBM X-Force Trend and Risk Report. "Advanced persistent threats, while persistent, did not always use advanced technical approaches such as zero-day exploits and self-modifying malware."

Read the full story here on CRN

Post a comment to the original version of this story on CRN

Recommended Reading: