List of Potential APT Victims Released

By: Absolute Team | 11/2/2011

Advanced Persistent Threats (APT) have been a hot topic over the last 6 months, topping priority lists, reports, and high-profile breaches. APTs refers to groups with both the capability and the intent to persistently and effectively target a specific entity. In the web sense, this means a that a specific entity will be repeatedly targeted by cyber criminals until an attack is successful. This kind of threat takes a great deal more resources and dedication than we have seen in the past from individual hackers.

While the RSA breach was one of the most publicized breaches of an APT attack, security experts believe that many other corporations were victimized using the same tools and Internet infrastructure.

Krebs on Security has published a list of 760 organizations that 'had networks that were compromised with some of the same resources used to hit RSA.' The list includes 20% of Fortune 100 companies.

As the author indicates, it's not clear how many systems were compromised, for how long, or if sensitive information was taken. It will be interesting to see how companies respond to this list: if it promotes additional disclosures.

Financial Services