2019
DOI: 10.1016/j.cose.2019.07.001

Strategically-motivated advanced persistent threat: Definition, process, tactics and a disinformation model of counterattack

Abstract: Advanced persistent threat (APT) is widely acknowledged to be the most sophisticated and potent class of security threat. APT refers to knowledgeable human attackers that are organized, highly sophisticated and motivated to achieve their objectives against a targeted organization(s) over a prolonged period. Strategically-motivated APTs or S-APTs are distinct in that they draw their objectives from the broader strategic agenda of third parties such as criminal syndicates, nation-states, and rival corporations. …

citations
Cited by 99 publications
(44 citation statements)
references
References 49 publications
“…It must be noted that when speaking about the cyberspace actors who believe they do good, one could also mention the nation-state actors. This kind of actors has been presented in detail in [8, 57, 58, 59]. However, this paper does not categorise nation-states as the 'stray sheep', as they are aware of what they are doing and their actions are deliberate, calculated and planned.…”
Section: Nation-state Actors
Citation type: mentioning
confidence: 99%
“…The definition of APT (Advanced Persistent Threat) [41] refers to "an entity that engages in a malicious, organized, and highly sophisticated long-term or reiterated network intrusion and exploitation operations to obtain information from a target organization, sabotage its operations, or both". With such description in mind, one can definitely state that a BitM infrastructure may be part of a set of tools used to mount an APT.…”
Section: Mitb and Bitm
Citation type: mentioning
confidence: 99%
“…Stage 5 - Further automated scans [+ 17 mins] While the login attempts temporarily stop at 3; the number of SYN packets rises again, the number of accesses to Index.php rises to more than 20 every second and attempts to access /admin shoots to more than 1300. This indicates a return to automatic scanning tools, possibly dirb. This stage continues until with 783 SYN packets, 11 blank login attempts and 12,004 attempts to access the /admin folder, as shown below.…”
Section: Penetration Test Process Summary
Citation type: mentioning
confidence: 99%
“…Ahmad et al. [1] have recently defined APTs as "An entity that engages in a malicious, organized, and highly sophisticated long-term or reiterated network intrusion and exploitation operation to obtain information from a target organization, sabotage its operations, or both". APTs conduct stealthy operations on specifically selected target organisations and their level of sophistication includes the exploitation and even harvesting zero-day vulnerabilities.…”
Section: Introduction
Citation type: mentioning
confidence: 99%