Advanced Persistent Threats: Not-So-Advanced Methods After All

Cybercriminals are taking a more systematic approach with their attack techniques, new IBM report finds

Dark Reading Staff, Dark Reading

March 29, 2013

1 Min Read

Cybercriminals behind heavily funded hacking operations are not necessarily using highly sophisticated malware to gain access to sensitive data or to spy on employees, according to a study released this week by IBM (NYSE:IBM).

Attackers behind many of the so-called advanced persistent threats are known for targeting specific organizations, infiltrating them and remaining stealthy for lengthy periods of time. But cybercriminals, even those backed by powerful nation-states, often use fairly common hacking techniques and less sophisticated methods to gain initial access to systems and steal data.

"More often than not, these efforts follow a path of least resistance and rely on simpler, tried-and-true methods rather than zero-day attacks and sophisticated malware," wrote Leslie Horacek, who authored the IBM X-Force Trend and Risk Report. "Advanced persistent threats, while persistent, did not always use advanced technical approaches such as zero-day exploits and self-modifying malware."

Read the full story here on CRN

Post a comment to the original version of this story on CRN

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights