What is an APT attack?
An advanced persistent threat (APT) attack is one where an unauthorized hacker gains access to a network and maintains a presence there in order to reach critical files. A hacker can stay in a network for 100 days without being detected. Once they gain access, the files are locked and the victim has to pay a ransom to regain access. The files are encrypted, and the victim can't decrypt them without a decryption key from the intruder.
Consequences of an APT attack
- Loss of data
- Private information may be publicized
- Disruption of business
How to prevent an APT attack
- Keep regular backups and test them
- Keep systems updated and patched
- Conduct regular phishing tests and keep your colleagues updated
- Segment and segregate your network
- Disable remote management protocols when not needed
CREDITS: Infosec