The term APT or advanced persistent threat has become increasingly popular due to the new silent threats facing organizations.
An APT campaign involves a targeted, highly specialized attack against an organization that is designed to continue over time. This type of campaign is characterized by the use of different entry vectors, such as zero-day vulnerabilities or phishing attacks against specific employees of the organization.
In this context, it is common to use malicious software with sophisticated capabilities for infection, propagation and concealment of its malicious activity.
Behind these threats you can find different actors, such as foreign governments, activist groups or competing companies, seeking to steal R&D or corporate information, or to damage the ICT infrastructure over time, for example by deploying ransomware.
The risk of APTs is that they are difficult to identify, which can allow the malware to remain latent in the system for years and allow hackers to carry out actions on the company’s IT system.
APT Security Testing Objectives
During APT penetration testing, Tarlogic will perform a simulation of a targeted attack against your organization with the objective of gaining access to corporate infrastructure through different entry vectors and deploying a set of APT tools developed by Tarlogic. This includes:
- Infect corporate systems and gain privileged access to them.
- Perform lateral movements on the organization’s systems.
- Maintain continuous access over time by deploying implants in the organization’s systems.
- Exfiltrate sensitive information through silent communication channels, using legitimate network connections and traffic (TCP, UDP, HTTP, HTTPS, DNS, Wi-Fi) to communicate with the Tarlogic control center from which its activity is managed.
Advanced Persistent Threat Test Benefits
- Analyze your organization’s cyber resilience against a targeted attack.
- Evaluate the strength of your organization’s cybersecurity capabilities, the coordination of the different teams, and their incident response process for detecting, containing and mitigating the risk of this type of threat.
- Our APT tests analyze the implementation of the organization’s security controls: perimeter security, network segmentation, hardening policies, antivirus/XDR solutions, DLP systems, SOCs, etc.
- Test the capabilities of the organization's blue team and threat hunting teams.
During the APT penetration tests, Tarlogic will perform a simulated targeted attack against your organization.
The tests are performed in different phases:
- Reconnaissance of corporate infrastructure and personnel (OSINT, SOCMINT).
- Identification of entry vectors: compromise of the organization’s systems or phishing attacks on corporate personnel.
- Infection, deployment and persistence of APT tools developed by Tarlogic.
- Execution of lateral movements in the organization for elevation of privileges and access to critical infrastructure systems.
- Exfiltration of confidential information.