How Advanced Persistent Threats Changed Cyber Security

As you read this, hackers all over the world are trying to break into computer systems of every description. Some hackers are good at what they do, with skills that rival those of security professionals. Some work alone, while others work in groups. Most look for weaknesses they can easily exploit, and they are opportunists: They move on to the next target if their first choice is heavily secured.

Those hackers are a chronic nuisance, but, with occasional exceptions, the damage they do is limited. Sites that make security a priority are rarely the victims of the casual hacker.

Consider a different scenario, however, one in which the hackers are true experts, with ample resources and plenty of time. They have the ability to deploy a variety of methods to get what they want, from social engineering to distributing sophisticated malware. They are not randomly surfing the Web in search of vulnerabilities. They have a single-minded focus on a specific target, and they are not easily discouraged, testing and studying that target until they find a way in.

This, in a nutshell, describes the Advanced Persistent Threat (APT), a type of attack that has been increasing over the last decade. Its name clearly describes its nature. Its operators have advanced skills, resources and options. It is persistent, with continuous, long-term focus on a specific target. It is a threat because it is ready, willing and able to do meaningful damage.

Given the level of organization and resources that APTs require, the term has come to be associated with government. Large-scale organized crime may have the resources, but it lacks the persistence characteristic of an APT. That being said, targeted attacks themselves have been increasing. According to Symantec’s annual “Internet Security Threat Report,” last released in April 2012, attacks jumped 81 percent from 2010 to 2011. Perpetrators have diversified, targeting smaller companies and lower-level employees, presumably as a way to gain access to larger organizations and more senior staff.

Criminals want short-term results, however, and there is no inherent reason for them to single out one site instead of another. They go where the money is. An intelligence service has a very different agenda, and potential targets need to be aware that an APT is a different order of threat.

APT is not new, however. The first exploits attributed to APT occurred in 1998 and continued for two years before they were accidentally discovered. The attacks, dubbed “Moonlight Maze,” targeted NASA, the U.S. Department of Energy and the Pentagon, and the attackers were reported to have accessed thousands of files, many of them containing military information.

The origin of Moonlight Maze was reportedly traced to Russia, but, unsurprisingly, the Russians denied all knowledge of the attacks.

Since then, attacks attributed to APTs have grown more frequent.

In 2006, two U.S. Congressmen discovered that their office networks had been attacked, exposing information about Chinese dissidents.

In 2007, a database in the network of Oak Ridge National Laboratory was compromised. In this case, hackers attacked via social engineering, sending fraudulent emails that staff treated as legitimate. A few days later, Los Alamos National Laboratory was targeted, and, in 2008, malicious code found its way into a U.S. military network, apparently deployed via flash drive.

The Stuxnet worm, the clearest and most famous example of an APT, seems to have been aimed at networks and industrial controls in Iran. Although no one has claimed responsibility for the attack, its sophistication and the apparent lack of a commercial motive make government involvement highly likely.

Since Stuxnet, APTs have appeared regularly, targeting governments, large corporations and the International Monetary Fund.

Identifying an attack as an APT is more a matter of deduction and of industry consensus than of hard and fast evidence, because a realistic assessment of the situation is complicated by the lack of reliable information. Perpetrators are naturally unwilling to come forward, but victims are not necessarily forthcoming. Some victims may not even know they have been compromised. Others worry about tarnished reputations or damage to their share prices.

As a result, we can’t really be sure about the current state of security. We can be quite certain, though, that APTs are there now and that they will be there for as long as we rely on networks and computers to manage our critical business.

About the Author
Megan Horner is the Marketing Coordinator for TrainACE. TrainACE is a Cyber Security Training Company and actively creates advanced security courses like the Advanced Persistent Threat class, Cyber War.

Advanced Ethical Hacking Training – Bad Ass Class

There is a really bad ass new class out by Advanced Security; it's called the Cyber War class. They give this class the tag line “Pen Testing High Security Environments”, which sounds pretty flippin sweet to me. Here is a little glimpse in on what many people are blogging to be the most advanced ethical hacking class anywhere right now:

Why Computer Forensics Skills are Essential to a Hacker

In order to understand why computer forensics skills are necessary for a hacker, we must first understand exactly what computer forensics is. To put it in its most simplistic form, computer forensics is the collection and examination of computers and all formats of digital storage. Any legal case that involves a computer is going to require someone who is skilled with computer forensics. For example, a computer forensics expert can analyze all of the information on a person’s hard drive, including information that was deleted, to help the police determine what websites a particular person visited and what files they have hidden on their computer. This information can be critical in a legal case as it can be used to conclusively prove someone’s guilt or innocence.

Hackers need to have computer forensics skills for multiple reasons. First, it will allow them to more easily hack into another person’s computer and access all of their files. Secondly, it will help them avoid the detection of computer forensics specialists. If a computer hacker is working above the board as a program specialist, they will also be able to put their computer forensics skills to work for their employer. The average person is not able to access hidden files on a computer without having the proper passwords, but a skilled hacker will be able to pull this off quickly. Once they have, they will use their knowledge of computer forensics to analyze and catalog everything that they find. They will also be able to safely remove the information and store it somewhere else.

In addition to being able to hack into a computer that is either sitting in front of them or they have remotely attached their system to, a hacker will be able to use computer forensics to determine important information from any storage media format. For example, if a hacker is handed a flash drive, they will be able to examine the flash drive’s contents for clues that will lead to the discovery of the person who owns it. Any file that a person creates from their computer contains trace elements of their identity, but most people have no idea how to access this information. Even if the stored information has a fake name attached to it, the hacker will be able to find several other clues as to the file’s origin, including the operating system that was used and the exact time and date that the file was created.

Computer forensics specialists and hackers are most commonly asked to recover deleted files. Having the necessary skills to do this also means knowing how to make something become permanently inaccessible. Hackers have utilized this skill for years, both for their own interests and for companies that have hired them to do so. Knowing how to make something truly disappear forever from a computer is a highly prized skill, and companies that are extremely security cautious may choose to employ hackers to ensure that their private information never falls into the wrong hands.

Check out the computer forensics training at Hacker Halted in Miami, 10/25 – 10/28/12

Why the Certified Ethical Hacker is a Fun and Effective CBT Class

In the world of cyber security, there are many different threats coming at businesses and websites from every angle. Because of this, businesses often have to invest large amounts of money in making sure that their systems are set up to be completely secure. One of the ways that companies can make sure that their systems are airtight is by hiring a certified ethical hacker or CEH. A certified ethical hacker will then try to hack into the system using the same methods that a real cyber criminal might use.

Working as a certified ethical hacker can be a very exciting and interesting job. In order to become certified as an ethical hacker, you have to take the certified ethical hacker course, which is sanctioned by the International Council of E-Commerce Consultants. This course is offered in person and on the Internet. While taking the class in person has some advantages, taking it online can be fun and educational in its own right. If you are thinking about taking the certified ethical hacker course online, here are a few of the benefits that you can realize.

Watch the Demonstrations
One of the big benefits of using the certified ethical hacker course online is that you can watch real examples of the techniques being implemented live online. Most of these courses make it possible for you to watch video conferences of the course. You can even see the computer screen of the teacher as he goes through examples. This makes it possible to get an up-close and personal look at what you will do as a certified ethical hacker. With learning about other topics, online courses may not necessarily be the best way to gain the knowledge you need. However, with the online certified ethical hacker course, it makes a lot of sense because you can see exactly what needs to be done.

Completing the Labs
Another benefit of using the online certified ethical hacker course is that you can complete the labs easily from home. In order to become certified, you have to complete a certain number of lab exercises. During the course, they usually go over the labs in real-time. If you are following along from home, you can easily see what they are doing and then do the labs, since you are already on the computer. This is one of the best ways to learn in a hands-on manner through an online course.

Learn an Exciting and Relevant Skill Set
One of the most obvious reasons that you should consider taking the ethical hacker course online is so that you can learn a skill set that can come in handy later. There are many different jobs out there that actually require you to have a certification as an ethical hacker. This is true in both the private and the public sector. You will know what it takes for hackers to get into a system. When working for a company in cyber security or IT, you will be able to make the appropriate decisions to help beef up the security of your system. Being able to say that you are a certified computer hacker is also pretty cool.

Take at Your Discretion
When taking the certified ethical hacker course online, another big advantage that comes with this method of learning is that you can do it at any time. You don’t have to adhere to the strict class schedule that is set forth by the school giving the course. Instead, you can take the course when you are ready. While some courses use live video conferencing technology, others will archive the videos so that you can watch them at any time. This will give you the information that you need when you are ready for it.

If you want to improve your chances of being able to get a good job in cyber security, you owe it to yourself to become certified as an ethical hacker.

Get information on an online / CBT / self-paced Certified Ethical Hacker class here: http://www.trainace.com/courses/ceh/

Ethical, Certified Hackers Always Have a Job

What a world we live in when a hacker can pretty much always count on having a good job.

Hackers are no longer the fleeting, hidden and mischievous people of the cyber-world that attack websites and networks aimlessly with the intention of creating something funny to show their friends the next day. In fact, these days hackers are more highly sought after for their skill sets than almost anyone else in the IT sector.

Ethical and Certified Hackers are needed by organizations of all types to help prevent today’s cybercrime and information risks that happen on a micro and macro level. The US Department of Defense, Government agencies and public companies both large and small need to penetration test their networks and data storage devices to make sure that they aren’t running unnecessary risks and to prevent attacks which could lead to safety hazards and money loss.

Why Get Training
Ethical certified hackers are being trained regularly now to meet this demand in employment. A recent employment report showed a greater need for ethical and certified hackers than there are people to fill the open positions. This skill set is sought after and training is available. Typically someone looking for Ethical Hacking Training will seek to find classes for the Certified Ethical Hacker (CEH) certification by the IT security certification leader, the EC-Council.

CEH training is available all over the country but most people want to find a company that offers a class that is run by an experienced penetration tester who can relate real world scenarios to their classes. There are many schools that offer classes from non-experienced instructors, so definitely ask before jumping in.

The leading Certified Ethical Hacker Training provider in the country (according to the EC-Council rankings) who has the best core of instructors is called Advanced Security by Academy of Computer Education. They are based out of the DC area and they have instructors who are way above average in knowledge when it comes to penetration testing and who are regular speakers and presenters at some of the major hacking and forensic conferences like Defcon and Blackhat.

Advanced Security by Academy of Computer Education offers classes beyond the CEH as well. In fact, the Advanced Penetration Tester is a class that teaches how to break into networks that are heavily guarded with active security teams and expensive security devices and software. Definitely a must take for the enthusiast.

So, there really is no reason to wait: become an ethical certified hacker right away. The jobs are there and there is probably no profession more exciting!
