Survey Says IT Underestimates Threat of APT Attacks

A survey conducted by the Information Systems Audit and Control Association (ISACA) concluded that advanced persistent threats (APTs) could be creeping into IT by not being fully understood.

While 96 percent of the respondents to the survey said that they are at least "somewhat familiar" with APTs, 53 percent said that they do not believe that APTs differ in nature from traditional threats. At the same time, more than 60 percent said that they believe that it is only a matter of time until their organization will be targeted by APTs. About 20 percent said that their organization was hit by an APT attack in the past.

ISACA's survey included "more than 1,500 security professionals", 94 percent of which stated that "APTs represent a credible threat to national security and economic stability." APTs are generally characterized as an espionage tactic often intended to steal intellectual property.

"APTs are sophisticated, stealthy and unrelenting," said Christos Dimitriadis, international vice president of ISACA. "Traditional cyberthreats often move right on if they cannot penetrate their initial target, but an APT will continually attempt to penetrate the desired target until it meets its objective—and once it does, it can disguise itself and morph when needed, making it difficult to identify or stop."

ISACA said that organizations generally believe they can respond to APT's with 60 percent of respondents claiming preparedness, but they do so by using antivirus and antimalware (95 percent), as well as network perimeter technologies such as firewalls (93 percent), which are known to be ineffective in defending a target against an APT attack. More than 80 percent say their organizations have not updated their security software vendor agreements to protect them against APTs.

Wolfgang Gruener is a contributor to Tom's IT Pro. He is currently principal analyst at Ndicio Research, a market analysis firm that focuses on cloud computing and disruptive technologies, and maintains the conceivablytech.com blog. An 18-year veteran in IT journalism and market research, he previously published TG Daily and was managing editor of Tom's Hardware news, which he grew from a link collection in the early 2000s into one of the most comprehensive and trusted technology news sources.

See here for all of Wolfgang's Tom's IT Pro articles.

Check Out These Recent IT Slideshows

• Slideshow: Rugged Tech for the Enterprise
• Slideshow: The Ten Most Influential People in IT
• Slideshow: Essential Open Source Tools for the System Administrator
• Slideshow: Top Ten Major Security Breaches of 2012
• An Illustrated Guide to Making the Move to 10 Gigabit Ethernet
• Slideshow: Essential Proprietary Network Admin Tools
• Slideshow: Top Paying Technology Jobs by Position
• An Illustrated History of Hacking Through The Years
• Slideshow: Gadgets for the System Administrator's Toolbox
• Slideshow: A Guide to Trading Your Laptop for a Tablet
• Cloud Acronyms Illustrated: SaaS, PaaS, IaaS, and More
• Slideshow: Intel Processors Over the Years
• An Illustrated History of Hacking Through The Years
• Slideshow: Horrifying Data Center Disasters
• Slideshow: Top 10 Cities for IT Jobs
• Slideshow: Intel Processors Over the Years