Advanced persistent threat, or APT, may sound unfamiliar to many people. The term is used to describe the cyber attacks that were recently conducted on major broadcast stations and financial institutions including KBS and NongHyup.
What many of us don’t know is that this cyber threat, which could occur in many different forms including sending document files with malicious codes attached, can target any one of us.
“The APT cyber attack is one that can turn the targeted person’s personal computer into a zombie computer for years,” said Shin Min-jung, deputy general manager of security operation division at SK Infosec.
What many of us don’t know is that this cyber threat, which could occur in many different forms including sending document files with malicious codes attached, can target any one of us.
“The APT cyber attack is one that can turn the targeted person’s personal computer into a zombie computer for years,” said Shin Min-jung, deputy general manager of security operation division at SK Infosec.
Once the computer is met with the malicious code, the attacker can view all activities done on the PC, down to email content and online messenger conversations.
“The attacker will be able to specifically monitor what the person is doing for the long term when he or she leaves the computer for a certain period of time,” she said in an interview with The Korea Herald on Tuesday in southern Seoul.
In the case of a local financial firm, it was found later that an employee’s computer was monitored for seven months without the person being aware of it.
“The Internet protocol address comes through many different routes because of backtracking,” said Shin. “And what makes the damage even bigger is that the APT attack ultimately deletes the data saved onto the server.”
This is what differentiates it from another form of cyber threat labeled distributed denial of service, or DDoS. The DDoS attack, which rose as a major threat in 2009, does not get rid of the data, but uses a massive number of zombie PCs to delay the access to certain websites.
Shin said there is no perfect solution to prevent cyber terrorism, but that people must download vaccines on their PCs and smartphones on a daily basis and change their passwords regularly.
“The passwords should be changed from time to time and it must be set differently on each site frequently visited by the person,” according to Shin. “Don’t use default passwords, create a pattern and follow the pattern when changing the password to remember it more clearly. If not, cyber terrorism could occur anytime the hacker wishes to attack.”
By Cho Ji-hyun (sharon@heraldcorp.com)
-
Articles by Korea Herald