Some technologies and common processes used by organisations today can conceal cyberthreats. These factors increasingly expose organisations to emerging cybersecurity challenges such as Advanced Persistent Threats (APTs), cloud security risks, and cyber supply chain risks.
Threat actors behind APTs such as malware and ransomware are sophisticated and use a variety of stealth techniques to compromise systems and data at high value organisations. These may include phishing campaigns, creating backdoors to critical organisational resources and data, or indulging in web server exploitation.
Many APTs are carried out by state-sponsored groups and target valuable data, assets, and properties of rival countries. They are often motivated by financial gain or cyber espionage for intellectual property theft, and sometimes even hacktivism. The dwell time of APTs is high, which means they can remain undetected in the host systems for weeks or months. In addition to targeting public entities, APTs are known to take aim at companies that work with governments in the region.
To prevent APTs, public and private sector organisations in APAC must bolster their cybersecurity posture. They can avoid blind spots that may harbour APTs by deploying broader technical controls. These controls deploy detection capabilities across the network and endpoints and offer comprehensive visibility into evolving threats.