An almanac for advanced persistent threats
- By Zach Noble
- Nov 03, 2015
What: The Institute for Critical Infrastructure Technology's "Know Your Enemies: A Primer on Advanced Persistent Threat Groups"
Why: Call it "Advanced Persistent Threats 101"
ICIT’s roundup of global hacker organizations offers insight into the methods, support and identities of some of the worst cyber threats on the planet.
The document is a mini-encyclopedia that comprehensively surveys the methods, known attacks and available intelligence on 19 hacker groups believed to be operating out of China, Iran, Russia, Syria, North Korea and the United States, from Anonymous (the global hacking mob) to Quedagh/Sandworm (the "Dune"-reading, likely state-sponsored Russians).
Of course, ICIT's authors make careful note of the fact that the cyber threat landscape is ever-changing, and no static document can encompass the enormous diversity of active hacking groups.
The primer also includes an extensive glossary defining cybersecurity terms and attack vectors.
Verbatim: "These elite factions are known as Advanced Persistent Threats, and basic security measures are not enough to stop them from compromising some of the best-secured systems around the world. Globally, at least a hundred advanced persistent threat groups are currently operational as criminal operations, mercenary groups, or nation-state sponsored divisions."
Read the full primer here.
Zach Noble is a former FCW staff writer.