Advanced persistent threats (APTs) are the stealth undercurrent of the daily news on security attacks. IT breaches where data get stolen are so prominent that APTs are getting mentioned but overlooked.
APTs are developed and initiated by organizations with an almost unlimited amount of resources. They have highly skilled and incredibly smart people. They have excellent tools and vast amounts of funds. They have a lot of time to develop their attacks and think things through. It’s mostly the intelligence industry or international terrorist organizations that are behind these organizations. They leverage zero day exploits that are currently unknown to the software manufacturer and once public leave no time to fix them. Encryption algorithms do not get broken but circumvented and the national IT industry has to be careful to not be assumed to be cahoots with national intelligence agencies. The attacks either target data collection and analysis. Or they go after infrastructure and hampering manufacturing processes.
These cyber attacks are being labeled as the war behind the scenes and seem to have gone on for years now.
Data privacy is being lost. I sometimes hear the comment from people, that they do not have anything to hide. I consider this comment careless. I am German and we have it in our own history that politics can change quickly. I hope that nobody ever has to experience that. What was nothing to hide for one day, might well turn into a reason for being chased another day.
When I use my private email and receive an email from my friend that my cat vomited on the carpet, I receive targeted advertisements about pet stain removal products immediately. That is definitely not the intelligence industry monitoring my private emails. That’s big businesses that want make money.
Although the prospect of cyber warfare makes one uncomfortable, I am not worried about business systems being shut down. I am sure that companies will return to pen and pencil quicker than we think. That will slow us down, but not harm us. But the seemingly purposeless data collection about people is scary as well as the infiltration and harming of industry processes. Latest car hacks have shown that attackers were capable of taking over a vehicle. When major networks for water or utilities are targets, I do not have sufficient knowledge to predict the outcome. Definitely scary.
Gerlinde 