A new acronym has become common parlance among computer and network security specialists: APT. The acronym stands for Advanced Persistent Threat, and it is usually used in the plural since there is a multitude of such threats populating the online world. Last July, more than a hundred influential leaders in government and business IT applications gathered to discuss the growth of APTs and what can be done to prevent them from having an impact on private industry.
Hacking and malware are nothing new, but 2011 so far has witnessed ferocious growth in both the number and scale of attacks. In addition, recent attacks can be characterized as bolder, featuring highly customized and targeted efforts that make use of both technological and human-based entrances into systems, in particular including the flaws present in much of the social media world. Industry experts, however, are reluctant to issue a precise definition of an APT because the malware world is constantly shifting and changing. Defining APTs too narrowly could lead to a dangerous form of tunnel vision because the nature of APTs will quickly outstrip any such definition.
In the case of APTs as well as all other malware and attempted intrusions, the best offense is often a good defense. One way to provide a business with a robust security policy that can be enforced even when personnel go home for the day is to adopt a managed services model with a qualified IT company providing hosted IT solutions that are monitored 24/7.