How mobile phones foster APT attacks: An overview

By Dhilip
Published on March 21, 2022

Mobile phones are no longer just phones. With the increase in remote work and adoption of BYOD policies, mobile phones have become entry points to access corporate data and resources. Therefore, it’s not a surprise that threat actors have started to target mobile phones.

BYOD: Also known as Bring Your Own Technology, BYOD is a strategy in which organizations allow employees to use devices they bring themselves, as opposed to ones approved by the company, to access the enterprise network and on-premises or cloud-based resources.

According to the 2021 Verizon Data Breach Investigations Report, "phishing remains one of the top Action varieties in breaches and has done so for the past two years." Once malware is installed on the mobile phone via a phishing campaign, attackers try to elevate the privileges of the corporate user account that's used on the device, or perform espionage by installing additional malware that ends up siphoning data off the mobile phone. advanced persistent threat (APT) age.

Phishing: A cyberattack that aims to extract sensitive information or credentials from the user by posing as content from a trustworthy source, such as emails or messages containing spurious information like false alarms and rewards. Phishing is used as a gateway for threat actors to infiltrate a target network.

Advanced persistent threat (APT): A myriad of cyberattacks carried out stealthily by an individual or a group of threat actors deploying various tactics to endanger a network's security for a prolonged period. APT attacks are generally executed by nation-state actors with the intent to steal data and sabotage resources.

Why should you take APTs seriously?

APTs are a serious issue, because they are difficult to detect. Undetected, they can quietly siphon off your data over a long period. One example of an APT is the infamous Target data breach of 2013. As noted in a Bloomberg Business article published after the attack, “in the days prior to Thanksgiving 2013, someone installed malware in Target’s security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores…On Dec. 2, the credit card numbers started flowing out.” By the time the breach was identified, over 40 million credit card numbers had been stolen.

This is just one example of how much damage can be caused by APT cyberattacks. Every organization should be wary of the threats APTs pose, because mobile devices are ubiquitous, and it is harder to implement stringent security measures on mobile devices than on laptops and systems.

How can you protect yourself from APTs?

Even though APTs are highly sophisticated and stealthy, there are ways in which you can defend your business’ IT infrastructure against them.

There are three stages to protecting yourself from APTs.

  • Prevention
  • Mitigation
  • Vigilance

Preventing APTs

As with any incident, prevention is always better than recovery, and making sure APTs don’t get a foothold in your mobile devices is the optimal solution. Even though APTs are different from run-of-the-mill malware and spamware, which are abundant in the mobile ecosystem, the strategies for preventing APTs and malware are quite similar.

Malware: Short for malicious software, malware is software code whose purpose is to compromise network security and perform post-exploitation activities.

Strong perimeter defenses such as firewalls and antivirus solutions play a key role in preventing APT malware from being installed on your devices. However, a firewall or antivirus solution is only as effective as the vigilance of your users. A careless user who has elevated privileges can end up compromising their devices, leading to a breach even if you have the best firewall.

Firewall: A software barrier that stands between the internet and an organizational network. A firewall inspects incoming traffic and filters out malicious traffic before it enters the network.

This is why it's essential to train your employees who have access to critical data to:

  • Not share account credentials under any circumstances.
  • Recognize phishing attempts.
  • Practice safe web browsing.

Limiting access to data if an APT gets on the system

Perimeter defenses are not infallible, and every security system should be designed with that fact in mind. Additional layers are important to protect your devices in anticipation of attacks. A perimeter defense can help you stop certain breach attempts, but it cannot protect from APTs that utilize stolen credentials. In the event a user’s device has been compromised, the primary aim should be to limit the damage caused by the APT by implementing strong internal security policies.

Security measures like safeguarding business-critical apps and databases behind separate internal firewalls or in a demilitarized zone will limit APT malware from moving laterally and accessing high-profile resources. Additionally, properly encrypting data at rest and in transmission can help reduce the amount of data the APT can access.

Encryption: The process of enciphering data to render it illegible to unauthorized users. The designated receiver can access encrypted data by applying a decryption algorithm.

Closely monitor incoming and outgoing data traffic

Constant vigilance is key! Always be on the lookout for signatures or anomalous behaviors that could potentially be an APT attack on your devices. Closely monitor who accesses your sensitive data and measure the amount of data being transmitted from each device. An abnormal amount of data leaving a particular device is a cause for concern that has to be investigated as soon as it is detected.

In the Target APT attack of 2013, the theft of 40 million credit cards happened gradually as malware moved sensitive data from secure servers to less secure ones before sending all the data to Moscow.
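One way to measure "abnormal amounts of data being transmitted from a particular device", as an added example that is not part of the original article or any ManageEngine product: each device is compared with its own recent outbound volume, and flagged days are kept out of the baseline so that a slow, multi-day exfiltration does not come to look normal. The device names, daily volumes and the `k` / `min_history` tuning values are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

def flag_outbound_anomalies(records, k=6.0, min_history=5):
    """records: (day, device, mb_out) tuples in any order.
    Returns sorted (day, device, mb_out, threshold) for days above baseline."""
    per_device = defaultdict(list)
    for day, device, sent in sorted(records):
        per_device[device].append((day, sent))
    alerts = []
    for device, series in per_device.items():
        baseline = []  # volumes from days judged normal for this device
        for day, sent in series:
            if len(baseline) >= min_history:
                med = median(baseline)
                # Median absolute deviation is robust to outliers;
                # fall back to 5% of the median when traffic is perfectly flat.
                mad = median(abs(x - med) for x in baseline) or 0.05 * med or 1
                threshold = med + k * mad
                if sent > threshold:
                    alerts.append((day, device, sent, round(threshold)))
                    continue  # keep flagged days out of the baseline
            baseline.append(sent)
    return sorted(alerts)

def _series(device, volumes):
    """Build one constructed record per day for a device (hypothetical helper)."""
    return [(f"2022-03-{d:02d}", device, mb) for d, mb in enumerate(volumes, 1)]

# Constructed sample: daily outbound MB per device, not real telemetry.
SAMPLE = (_series("phone-17", [48, 52, 45, 50, 55, 47, 51, 410, 430, 395])
          + _series("phone-02", [30, 31, 29, 30, 32, 30, 31, 30, 29, 31]))

if __name__ == "__main__":
    for day, device, sent, limit in flag_outbound_anomalies(SAMPLE):
        print(f"{day} {device}: {sent} MB sent, baseline limit {limit} MB")
```

In practice the records would come from firewall, proxy or MDM flow logs aggregated per device per day.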

Choosing the right solution to prevent APTs

It is highly recommended you have an event logging solution for tracking data movement and access. A comprehensive auditing tool like ManageEngine ADAudit Plus can help you monitor all accesses on your file servers and send comprehensive reports to your registered email address, allowing you to focus on other tasks without compromising on security.

Following these three strategies of prevention, mitigation, and monitoring can help organizations of all sizes protect themselves against APTs.
