Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Friday, September 17, 2010

APT - Advanced Persistent Threat

One of the latest buzzwords in the security world is APT, also known as Advanced Persistent Threat. If you live in the Bay Area and you've been listening to news reports, you've heard this buzzword quite a bit in the last couple of weeks in response to Senator Dianne Feinstein's announcement that cyber threats are the number one issue for her. A number of commentators on Senator Feinstein's news, all industry veterans, have brought up the topic of APT. It makes you wonder if this is something new you should be worried about.

The truth is that APT doesn't refer to any new malware, trojan or virus. Instead it refers to the application of cybercrime and hacking to a specific targeted group. So consider it a fancy new way to talk about cyber threats that are targeted at individuals or groups of individuals, where the hacker has some knowledge about that person or group of people.

In relation to the web and web security, this could be a group of people targeted because they are all friends of one person whose Facebook account has been hacked. They all receive notices that their friend is in trouble and needs help, or that the friend has shared a video they should watch, and so on. All of these lead to different types of cybercrime, typically none of which is new, but rather malware or phishing schemes that have been around for years.

In relation to Senator Feinstein's comments, APT also refers to attacks that target the government, or specific groups within the government, either to obtain information or to cause problems with the network or infrastructure.

So what can any organization do about APT? The key is to remain diligent about web security, and of course that involves the Secure Web Gateway and the proxy, the subject that's the prime purpose of this blog. Keep your proxy's security technologies up to date: anti-malware, real-time ratings, SSL inspection, and other newer threat detection mechanisms. The other side of this is, of course, web application security for your existing web servers. This is the purpose of the reverse proxy or web application firewall, a topic for discussion in a future blog post.
