Many of the CISOs I talk to tell me that “Advanced Persistent Threats” (APT) style attacks are among their top concerns. As I have written about before, the problem with the term APT is that it doesn’t describe this category of threats very accurately. This makes it harder to understand and mitigate this type of threat. Many of the threats we see in this category are not any more “advanced” or technically sophisticated than many of the broad-based attacks currently in use on the Internet. At Microsoft we find that a more accurate and useful term for this category of threat is “targeted attacks by determined adversaries”. The vast majority of these attacks use unpatched vulnerabilities for which updates are available, weak passwords, and social engineering to compromise systems.
Microsoft has released a series of whitepapers that are designed to help organizations understand and manage the risk posed by targeted attacks by determined adversaries.