Modern computing systems are essentially black boxes that accept inputs and generate outputs, but provide little-to-no visibility of their inner workings, according to DARPA. It can therefore be extremely challenging to detect an intruder, particularly an ‘Advanced Persistent Threat’: a form of attack in which the adversary slowly and deliberately expands their presence in an enterprise network over long periods of time. Such adversaries can disguise themselves, appearing to be legitimate system administrators when their individual activities are viewed in isolation.
IDST Pro Access Required
This analysis is part of IDST premium intelligence.
Subscribe to Continue ReadingAlready a member? Log in