
Targeted Attacks: Is the Enemy at the Gate?

  • Posted on: April 20, 2015
  • Posted in: Security, Targeted Attacks
  • Posted by: Bob Corson

During a recent business trip to Tokyo, I was witness to a not-so-stealthy attack by none other than Godzilla. As you may conclude from the image above, at the time of the photo, part of Tokyo was spared the wrath of the large green monster thanks to a strong perimeter. Or was it? It struck me that the picture I snapped with my iPhone, prior to narrowly escaping to safety, was analogous to a major misconception behind targeted attacks and advanced threats.

The train of thought proceeds as follows. For thousands of years, defense at the perimeter has been a basic tenet of good security practice, from the medieval concept of moats, ramparts and guard towers, to the electric fence, and on to modern IT security firewalls, gateways, IPS, and so on. The logic is to prevent any form of threat from reaching that which the perimeter is designed to protect. Yet, as has been the case for thousands of years, prudent security measures require a defense-in-depth approach. Its tenet is the acceptance that there are both predictable and unpredictable conditions under which a defensive measure might be defeated or rendered useless. So how does this relate to Godzilla?

Contrary to the tradition of defending at the perimeter, targeted attacks and advanced threats can originate from within a point of vulnerability that perimeter defenses are designed to help secure. Consider the following:

Connectivity to External Networks: You likely have networked devices from employees, customers, suppliers, contractors and others being carried into any of the physical locations of your organization. Before such a device is walked in the door of your enterprise and connected to your networks, it is also highly likely that its whereabouts and usage are beyond your control or influence, and it is therefore a potential Achilles heel for an adversary to exploit.

Island Hopping: You likely have connections with outside suppliers, customers, employees or others for purposes of communication, data sharing, transaction processing and many other functions. However, it is also likely that you have neither control over nor the ability to determine whether any of the networks from which this traffic came is being used for a legitimate business purpose or as a conduit for an adversary to exploit.

Poison the Well: In addition, by leveraging any of the points of attack above, it is more than possible that an attacker could exploit internal applications, systems and processes behind your perimeter defenses without your firewall, gateway, IPS or other devices ever sounding an alarm bell.

Conclusion: It is well within the realm of possibility that an adversary could bypass your perimeter IT security defenses by simply having a malicious payload walked through your door, by island hopping their way in through a trusted connection and by exploiting internal applications and processes.

Taking a second look at the Godzilla picture… the perspective we all need to consider is the fact that Godzilla is not being stopped by the perimeter but is in fact already inside and behind it.

To learn more about how Trend Micro Deep Discovery Inspector can help you detect and respond to targeted attacks at, behind and within your perimeter, please stop by booth 1607 at RSA Conference 2015 and/or download our whitepaper on how Trend Micro can provide your organization with a 360-degree view into targeted attacks.
