Why I Make Fun of Advanced Persistent Threat (APT)

If you follow this blog, you may have noticed that I made fun of Advanced Persistent Threat on several occasions. I published APT haiku (thanks to all who contributed) and a series of APT cartoons. I established the Certified APT Nerd (CAPTN) professional credential with an exam. I also launched the APT Merchandise Store, where the most popular item is the “My APT Can Beat Up Your APT” t-shirt.

Why do I make fun of this serious topic? Because I care.

Many computer security incidents result from mass-scale attacks. Some incidents result from targeted attacks. A subset of targeted attacks, affecting relatively few organizations, is being called APT. (This is a form of malicious market segmentation.)

APT attackers are highly skilled, determined and have a long-term perspective on their mission. As a result, it is difficult to detect and respond to such incidents, with the IR process spanning months or even years. Dealing with APT is expensive. The impact of the data loss resulting from an APT incident is costly, too.

The media’s attention to high-profile APT incidents has turned APT into a marketing buzzword. It is simply too convenient for security product and service vendors to use APT as part of sales and marketing efforts, even though the majority of these offerings don’t directly deal with APT.

I make fun of APT in the hopes that this will make it harder to use APT as a generic marketing buzzword or a boogeyman du jour. I also make fun of it because FUD-based marketing techniques, when taken to an extreme, can be quite humorous, and the job of an information security professional is too hard if it is always taken seriously.

And with that in mind, I present to you APT cartoon #6: APT Goes Mainstream on TV.

About the Author

Lenny Zeltser is a seasoned business and technology leader with extensive information security experience. He presently oversees the financial success and expansion of infosec services and SaaS products at NCR. He also trains incident response and digital forensics professionals at SANS Institute. Lenny frequently speaks at industry events, writes articles and has co-authored books. He has earned the prestigious GIAC Security Expert designation, has an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
