An advanced persistent threat (APT) is an attack in which an unauthorized person gains access to an enterprise network and resides within it, undetected. The motive is to steal sensitive data rather than damage the network. Unlike other malware infections, APTs are targeted attacks on organizations with a large amount of sensitive information (e.g. source code, trade secrets, personally identifiable information).
- Attackers use a variety of attack vectors such as cyber attacks, spear phishing, social engineering, infected media and zero-day exploits, or rope in someone from the inside such as a contractor or rogue employee.
- APTs escalate rapidly from a single infection to taking over the network by reading an authentication database, stealing credentials, and reusing them.
- Once in, hackers install backdoor Trojans that preserve access even if the captured log-on credentials are changed once the victim gets a clue about the attack.
- Keeping track of multi-layered approaches through various attack vectors is virtually impossible.
The CNAM Approach
- CNAM monitors for any unauthorized access to information, minimizing APT risk, and provides instant visibility into attack scenarios to actively prevent any damage to the network.
- CNAM harvests intelligence from existing deployments from its points-of-presence (PoP) at various locations around the globe to detect emerging attack patterns in real time.
- Attack detection is integrated across network devices, security devices and applications for comprehensive coverage.
- Transactional data and attack data remain within the customer's network so that confidentiality and privacy remain intact.