The National Cybersecurity and Communications Integration Center issued a technical alert in response to multiple reports of advanced persistent threat actors actively exploiting trust relationships in information technology service provider networks.
Since May 2016, APT actors have used various tactics, techniques, and procedures for cyberespionage and intellectual property theft worldwide. APT actors have targeted victims in several U.S. critical infrastructure sectors, including IT, energy, healthcare and public health, communications, and critical manufacturing.
A successful network intrusion can have severe effects on the affected organization, particularly if the compromise becomes public. They include:
|- Temporary or permanent loss of sensitive or proprietary information.
- Disruption to regular operations.
- Financial losses to restore systems and files.
- Potential harm to the organization's reputation.
The NCCIC said potential targets include parent companies, connected partners, and contracted managed service providers and cloud serviced providers. APT actors can leverage legitimate credentials to expand unauthorized access, maintain persistence, exfiltrate data, and conduct other operations under the pretext of authorized activity. Leveraging legitimate credentials also allows APT actors to access other devices and trusted networks, enabling them to maintain persistence and obfuscate detection tools.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
