Advanced Persistent Threats Can Be Eradicated From Networks

Tips on getting rid of APTs from large networks.

By Enterprise Networking Planet Staff | Posted Oct 27, 2010

In an article on InfoWorld, Security Advisor Roger Grimes offers tips on getting rid of APTs from large networks. Advanced persistent threats are easy to detect but difficult to remove from a network without severely disrupting revenue-generating operations. Grimes suggests that careful, stealthy planning will help you find, eliminate or reduce APT attacks without alerting the attackers to your efforts.


"If you're an IT admin, communicate the known extent of the problem and initial plans for dealing with the advanced persistent threat to IT senior management. This will often morph into presentations to overall senior management, likely to the board of directors, regulators, partners, vendors, and so on. Let senior management dictate who gets to know what and when. The first major technical response should be to implement more detection across your network; you need to find out the severity of the APT problem. Which computers are owned? Are passwords known? What tools and malware are being used? Is email compromised? Where is the data flowing to, both internally and externally? At a minimum, detecting APT usually means implementing host and network intrusion detection software if it is not already in use."

Read the full story at InfoWorld
