Targeted attacks are threats aimed directly as specific categories. These are called Advanced Persistent Threats (APT). These threats are created specifically to victimize a certain individual or organization.
The experts at welivesecurity indicate that APTs have special objectives:
Pursue its objectives repeatedly over an extended period of time
Adapts to defenders’ efforts to resist
Determine to maintain the level of interaction needed to executive objectives
APTs can seriously impair an organization’s efforts to function properly. APTs are usually planted as seeds which grow into threats that can endure for an extensive amount of time. Over time APTs can adapt, change, and spread across a network infrastructure. APTs can then expose 0-day vulnerabilities, thus creating vulnerabilities that have yet to manifest itself.
APTs have a history of attacking various organizations, including those in banking, business, educational, government, and medical organizations. The attacks are never random, and any business without ample protection would be at risk for an attack.
Threats such as these have layers and phases of attack cycles. Such method include cyber, physical, and even deception.
According to the Identity Theft Resource Center there were 720 major data breaches in 2014.
Banking/Credit/Financial: 41 Breaches
Business: 237 Breaches
Educational: 54 Breaches
Government/Military: 84 Breaches
Medical/Healthcare: 304 Breaches
Sources indicate that these are well-known public attacks. These numbers only represent the incidents that were reported. An even greater number is estimated for unreported attacks which have been hidden from the public eye to protect the organization from negative publicity.
In light of the recent attacks, awareness for IT security increased:
63% now regularly change passwords for websites and online services
56% have taken steps to strengthen their antivirus protection
51% have activated PIN or password protection on tablets and smartphones
50% percent now avoid duplicating passwords across multiple sites and services
32% have, where supported, activated, two-factor authentication for logging in.
While many are embracing IT security as a part of their day-to-day responsibilities, 5.5% of users are still unprotected against these attacks.
Easy steps such as two-factor authentication are making progress. Longer passwords with phrases are also becoming the norm. Password strength meters can now be seen on most up-to-date websites. These efforts strengthen our defenses against cyber-attacks, but only until cyber-criminals find another way to malign your data. Always be up-to-date with the latest in cyber security to protect yourself from cyber-attacks.