The phenomena of targeted attacks

What can we do to eliminate the risk of the targeted attacks? Obviously, we need to implement some kind of technical solution, which would combine the best ideas in the field of unknown threats detection. However, before talking about the solution, let’s try to understand the nature and the meaning of the “targeted attack,” as well as key principles of an offensive operation.

These days news is filled with similar stories: “As a result of a targeted attack, criminals managed to steal $2 billion from the accounts of 40 banks and financial companies all over the world,” “More than 500 industrial companies working in the fields of construction and metal manufacturing from more than 50 countries all over the world, became victims of a well-planned targeted attack,” “Highly efficient and properly installed malicious software intended to attack the SWIFT system, allowed cybercriminals to steal millions…” and many other similar topics and discussions.

The targeted attacks or so-called APTs are one of the biggest problems of the modern era, and there are many multimillion companies working in the field of their elimination. While trying to visit a cybersecurity expo, we will definitely see the following things: APT is important for sellers, who need to include it into their offer, and for buyers, who have to deal with this problem. At the same time, targeted attacks became incredibly important not only for the giant corporations but even for the companies working in the field of medium and small business. If an attacker wants to reach the assets of a corporation, they could use one of the contractors as a pivot point for their attack.

Unfortunately, such term as “targeted attack” are not really correct. Why? Let’s think about the initial meaning of a cyberattack: “A cyberattack is any type of o ..