As businesses rely on IT is growing, APT malicious attack could be a means to combat competitors. Currently, APT targets are mainly political and economic purposes into two categories. The APT attacks carried out for economic purposes can acquire a competitor's trade information, IT can also use the competitor's system to a standstill, so any business are likely to become targets, is currently the most serious network security threats faced by many enterprises one.
"Traditional and relatively attacks, under the APT is a larger chess." Recently, the technical director of Barracuda fish Jia Yubin case said in an interview with reporters, "APT attack not only the use of technology, more of a combination of non-technical means, such as access to information is a key target for internal staff through social networks, through which information can make the attacks more effective and expeditious. "
Currently, the fast pace of innovation in IT technology, and science and technology development, but also led to any new technology are likely to be exploited by hackers. Jia Yubin said: "From the point of view entrance APT attacks, hackers can through phishing emails, BYOD management vulnerability, and may enter through third-party content network target path which will lead to very difficult for APT defense becomes, not only. from the technical aspects, but also with a certain degree of management tools. "
APT attack lurking deeper than, strong concealment, once discovered vulnerabilities will be fatal to the target of the attack. In this regard Jia Yubin said: security vendors and more from the point of view, the use of technical means alone is difficult to 100% guarantee not to attack by APT, we need to meet management tools in order to maximize the damage done to reduce the suffering of APT attacks.
Jia Yubin this recommendation, in front of the defense APT attacks, companies need to consider the overall safety issue, try to eliminate "dead ends." In terms of technology, the need for APT attacks need to be protected from the following aspects:
1) The network layer --- defense mainly through a network firewall to establish a plurality of the DMZ to the internal network hierarchical design using multiple firewalls isolation;
2) Application Layer --- mainly through the deployment of WEB application firewall to protect WEB applications, including application-layer defense against DDOS attacks;
3) If the business presence of BYOD, it is necessary to ensure that these employees to access the corporate network devices including mobile terminal devices will not be a springboard for the attacker;
4) If you choose to use enterprise cloud solutions require cloud service providers to ensure the security of cloud services, such as security measures cloud management, security WEB applications running in the cloud and so on;
5) Host Security, which is to ensure the hosts have carried out reinforcement;
6) database security, database auditing strengthened;
7) cryptography and encryption methods.
For security vendors, APT attack while growing proliferation challenges posed no doubt and opportunities. APT attack the face of this dish even more difficult to prevent and secluded chess game, you also need security vendors to provide a more detailed solution.
Reproduced in: https: //www.cnblogs.com/kungfupanda/p/3520524.html