How Advanced Persistent Threats Exploit Humans
Advanced Persistent Threats (APT) are a fast growing security concern for ICT users in homes, governments and other organisations. Initial delivery of APT in computer systems is achieved by social engineering people within the organisations. This research employed a preliminary desktop review of how APTs are delivered in organisations computer systems and discovered that spear phishing is the leader in social engineering techniques used in APTs to compromise industrial control systems security. A description on how APTs operate and how spear phishing and click jacking are used as tools to successfully exploit organisational security is presented. In addition the paper briefly describes implications of successful APT attacks in organisations. Further the paper proposes use of the APT awareness stages in order for organisations to improve their security posture through user security awareness
Keywords: Advanced Persistent Threats; Industrial Control Systems, social engineering; security awareness; organisational security
Download Full-Text
ABOUT THE AUTHORS
Mercy Bere-Chitauro
Lecturer Computer Science Department
Fungai Bhunu-Shava
Lecturer Computer Science Department
Attlee Gamundani
Lecturer Computer Science Department
Isaac Nhamu
Lecturer Computer Science Department
Mercy Bere-Chitauro
Lecturer Computer Science Department
Fungai Bhunu-Shava
Lecturer Computer Science Department
Attlee Gamundani
Lecturer Computer Science Department
Isaac Nhamu
Lecturer Computer Science Department