Advanced persistent threats (APTs) are on the rise, according to multiple studies. Yet how are APTs different from traditional malware and botnet infections? What should enterprises do to help mitigate the threat?
Joe Stewart, director of malware research at Dell Secureworks, spends his days looking at APTs in an effort to help classify them and to figure out where they might be coming from. APTs are unique forms of malware that are typically targeted at a specific organization.
“One of the big problems is classification, you’ve got malware that may or may not be detected by antivirus, but even when it is, the a/v may just say it’s ‘xyz’, without telling you anything useful,” Stewart told InternetNews.com.
He noted that it’s interesting to see whether the malware has been seen before, whether it was involved in a particular attack, and whether it has been used by a particular group. Stewart said he gets 30,000 pieces of malware in an average day that he tries to classify.