Every system connected to the internet in every home, organization, and government entity is relentlessly subject to the attempts of malicious actors to steal their data or exploit their system. Cyber-attacks are prevalent in the digital age because computers (including mobile devices) are ubiquitous in society, because identification of an attacker and attribution is difficult, and because judicial rulings for cyber-crimes are nebulous. Most cyber-attacks are prevented by basic security measures such as firewalls and antivirus applications. However, an elite percentile of the sea of cyber attackers is more persistent, more resourceful, and more sophisticated than the rest. These elite factions are known as Advanced Persistent Threats, and basic security measures are not enough to stop them from compromising some of the best-secured systems around the world.
In our latest brief, entitled “Know your Enemies: A Primer on Advanced Persistent Threats“, the Institute for Critical Infrastructure Technology (ICIT) pulls back the veil on the world’s most prominent threat actors to assist the reader in better understanding its adversaries from countries including Russia, China, Iran, and North Korea. This primer provides an overview of the threat landscape, attack vectors, size and sophistication of threat actors. Some of the Groups and Platforms include: The Elderwood Platform, Topsec, Axiom, Hidden Lynx, Deep Panda, PLA Unit 61398, Putter Panda, Tarh Andishan, Ajax, Bureau 121, Energetic Bear, Uroburos, APT 28, Hammertoss, CrazyDuke, Sandworm, Syrian Electronic Army, Anonymous and Butterfly Group among others.
This brief was written by ICIT Sr. Fellow James Scott and ICIT visiting scholar Drew Spaniel from Carnegie Mellon University.