Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.
An Advanced Persistent Threat (APT) hacker has no interest in your email password or personal information. Instead, they have their sights set a little higher: your business, and everything it’s built on. APT hackers will try to make off with any valuable or confidential information they can find, then sell it to the highest bidder; or, they hijack enough information to steal your business’s identity, making fraudulent purchases of incriminating or expensive merchandise. Whatever their reasons, they want to ruin your business, and without proper precautions, your company can collapse in the event of one of these attacks.
An APT hacker is a serious threat that must be dealt with. Unlike the lone wolf hacker, APT hackers tend to work in packs, taking advantage of their numbers to prey on whoever is most vulnerable. Even the most powerful of networks can be overwhelmed by numbers. Just like the typical worker, these APT hackers are even known to work regular hours in an office, not unlike yourself.
The signs of an APT hacking attack are far more diverse than if a single hacker tries to break into your network. Though the signs might be stronger or more noticable, an APT hacker uses the same techniques as the lone wolf hacker, including phishing emails, or malicious websites which download malware or spyware onto your PC. Here are four signs from InfoWorld that can sound the alarm for an APT attack:
- More late-night logins: A covert operation like an APT hack is likely being done from the shadows, when nobody will notice what is going on. Take note of when your logins are occurring, especially if they are during the wee hours of the night by high-level users.
- Finding backdoor Trojans: Ordinary hackers will only want to access your account once, but APT hackers will want to get back in and steal more of your data. Trojans are a reliable back door if they need to return to the network, even if the login credentials have been changed.
- Unexpected information flows: Large, unexpected flows of data from internal origin points can be problematic, especially if they come from somewhere else entirely (i.e. a different country).
- Discovering unexpected data bundles: If an ATP hacker wants your data, they may gather it in one location before moving it outside of your network. This makes large data packets easier to transfer. Look for information gathering where you know it shouldn’t be.
Think of APT hackers as the white-collar workers to the blue-collar ordinary hackers. These people are professional hackers who want nothing more than to take your business out. You need a powerful solution to keep them at bay. PACE Technical Services can equip your business with an enterprise-level security solution called a Unified Threat Management (UTM) device. The UTM is designed to keep threats out of your network so your business can live to see another day.
PACE Technical Services also offers remote monitoring and maintenance solutions for your business. These proactive managed IT services are designed to detect suspicious activity before it causes major problems. We can fix any issues remotely and efficiently. For more information about how to protect your business, contact PACE Technical Services at 905.763.7896.