TrainACE - IT and Cybersecurity Training Blog

Researchers at security company FireEye have revealed an advanced persistent threat targeting the U.S. defense and aerospace industries and likely originating in China. Named Beebus after an early sample, the campaign's attacks come in continuous waves over time against strategically chosen individuals. According to an unnamed inside source, the Beebus campaign began in early 2012 when FireEye noticed suspicious activity on the systems of some its defense and aerospace clients. Of 261 discovered attacks, 123 targeted unmanned aerial vehicle or systems vendors. The most recent exploit used a Deloitte industry analysis report sent in a weaponized email. Researchers believe that the campaign has so far touched 214 servers with 60 unique IP addresses.

A huge portion of modern society uses some form of digital technology on a daily basis. Many conveniences on a national and personal level have been made possible due to this technology, but also opens up a Pandora's box of a whole new set of problems as well. The cyber battlefield grows more dangerous as organized hackers and other cyber threatening criminals set out to exploit the conveniences produced by the digital age for their own gain. There is an ongoing challenge, therefore, creating cyber security or defenses to protect the country from attacks; but have, on many occasions, been successfully breached to raise considerable concern even among the most savvy cyber security agencies in the world.

The term advanced persistent threat (APT) was originally used to describe complex, ongoing espionage perpetrated by foreign governments. However, today, APT typically refers to a category of cybercrime directed toward businesses or government entities. APTs are usually online attacks used to achieve goals beyond those that can be met by a single security breach, but some may involve malicious activity conducted onsite. Compromised computer systems are continuously monitored by the attackers or added to a stable of slave computers to be used to achieve some future goal. APTs are most often perpetrated by employing some form of malware, and IT technicians defend against APTs by installing antimalware software and hardware firewalls.

The CompTIA Advanced Security Practitioner (CASP) certification is intended for professionals with at least ten years of experience in security administration. Five of those years must be hands-on technical experience. The CASP does not require that any previous exams have been passed, but is a higher-level exam than the CompTIA Security+.