Advanced Persistent Threat (APT)

77% of companies have been affected by cyber attacks, whilst the remaining 23% are unaware that they will be.

All organisations (governmental bodies, critical national infrastructure operators, small and big companies) are exposed to various cyber threats.

Among these, the Advanced Persistent Threat (APT) is often considered the most dangerous and paradoxically the most discreet, with attackers typically seeking to exploit people as opposed to vulnerable systems within a targeted organisation.

Attacks are often:

  • complex (more than 50 pieces of malware can be used)
  • targeted (malware is often developed specifically for the identified target)
  • organised (many attackers with different profiles and different Tactics, Techniques and Procedures (TTPs))
  • discreet (the average time before discovery is more than 1 year)

In the majority of cases, the first step of an APT attack involves sending infected emails to a selection of people within an organisation. When one of the addressees opens the attachment, the piece of malware is introduced into the network. From this moment, the external attacker can remotely take control of the workstation and start exploring the network, looking for sensitive data.

Today Airbus Defence and Space - CyberSecurity proposes an approach adapted to your organisation, based on a triple analysis:

  • analysis of workstation activity
  • analysis of network activity
  • forensic investigation of historical activity

As we are a defence contractor, all our experts are cleared at confidential level, and we know how to handle sensitive and classified information appropriately.

When an attack occurs, our incident response approach operates end to end, utilising tested best-practice mechanisms and procedures:

  • on-site forensic intervention
  • reverse engineering
  • legal expertise
  • local crisis architecture
  • encryption of all communications
  • incident visualisation

Airbus Defence and Space - CyberSecurity has its own knowledge base of attack scenarios, attack patterns and trends, and signatures of compromise that enable us to grasp the situation and react quickly when faced with an already known or emerging threat.