APT Attack model Sample Clauses

APT Attack model. Despite the limitations mentioned in the previous section, one of the most referenced models is the one proposed by RSA, which is used for modelling the Advanced Persistent Threat (APT) attacks or Targeted Attacks that normally involve SE techniques [142]. However, this model also focuses most on the attack process and less on its dynamics or the victims. The APT model, depicted in Figure 26, is probably the most common cyber-attack model, which include Social Engineering as core part. APTs are targeted attacks, which mean that there is a well-defined goal and victims are specially selected. The goal is typically used to obtain critical information, which can be valuable itself (e.g. Intellectual Property, or digital money), or may enable further attacks (e.g. knowledge on internal procedures, that could allow effective fraud schema). This kind of attacks are mainly built to circumvent the existing technological countermeasures, obtain privileged access to the company infrastructure and then expand in order to reach the final goal. There are a lot of examples regarding this kind of attacks, which are different for exploits or attack vectors, but they all have something in common: the core part of the attack is related to Social Engineering. In order to obtain a privileged access inside the company network, attackers exploit humans deceiving them to conduct a dangerous behaviour. The combination of technological and “social” attack vectors with certain techniques makes APTs really dangerous, as a matter of fact, all kind of companies can be potentially targeted: even RSA, one of the most famous information security firms [143]. In this particular example, it is interesting how the analysis outlines a possible typical attack model that begins with a social engineering attack and ends with the data exfiltration. 53 For example. ▇. ▇▇▇▇▇▇▇, ▇. ▇▇, ▇. Chan, and Y.-▇. Tian, “Social engineering in social networking sites: Affect- based model,” presented at the 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013), Dec-2013. Figure 26 describes an Advanced Persistent Threat model with further information than the one proposed from RSA, it also includes specific phases executed before the SE attack itself with the purpose of retrieving specific information in order to create a highly contextualized and potential effective attack [144].