Advanced persistent threats (APT) are a particular challenge currently facing our customers, our suppliers and ourselves. For this reason, we made APT the focus of this year’s Swisscom Cyber Security Report. Together with partners from the security community, we have put together an overview of the attackers, their methods and their tools. Apart from that, there has been little change in the cyber threat situation over the past year. It remains complex but stable.
APT are targeted attacks by unauthorised persons who gain access to a network and try to remain undetected there for as long as possible. The hackers choose a specific destination deliberately in order to access certain data or to disrupt certain services. They often use extremely specialised tools, some of which are created specifically for this type of attack.
Both APT and DDos always have a specific target. Ransomware, on the other hand, is dispersed widely to affect as many victims as possible. The goal of an APT is to remain undetected for a long time – after all, the attackers want to get as much information as possible and cause as much damage as possible –which is where they differ from DDos attacks.
The report shows how the hackers go about achieving their aims, while also discussing the different motivations behind an attack and the catalysts. By analysing previous APTs, we can also show the tools that hackers use a lot. It is compulsive reading for anyone with an interest in cyber security. You don't need any in-depth technical knowledge to be able to understand the findings. Our primary target audience, however, are CIOs, CSOs and other decision-makers in Switzerland. We want to help them better understand and arm themselves against current and future cyber threats.
Unfortunately, no-one can protect themselves against a hacker attack one hundred percent. However, that is no excuse for being negligent. Just think, we all lock the front door when we go out. You know that there could be burglars in your area, and you take precautions accordingly. Does this automatically mean that your house will never be broken into? No. But you have put your jewellery in the safe, installed an alarm system and done all you can not to invite the burglars in. This is essentially what we do in cyberspace.
“Most successful attacks start with just one careless colleague.”
Panos Zarkadakis, Head of Security Architecture Swisscom
A first important step is to raise employee awareness of hacker attacks. After all, most successful attacks start with just one careless colleague. In addition, a company needs good alert systems to identify attackers who have already gained access to the system. Of course, it is advisable to establish several lines of defence to make it harder for the attackers to move freely on the network. You have to look beyond your own nose: what types of attackers are currently active? Which tools do they use? And how can we protect ourselves against them?
And they do not have to – in the same you wouldn’t install a home alarm system yourself or undertake the nightly security inspections on your company premises. We would usually employ a specialist company, such as Securitas, to do this. The same is true in cyberspace: there are specialists who can take over the security tasks. Swisscom is offering comprehensive Threat Detection & Response solutions for corporate customers. What everyone can – and should – do is be aware of the risks, ensure that critical information and systems are protected as optimally as possible and remain alert in everyday life.
Swisscom Cyber Security Report 2019
The Swisscom Cyber Security Report is published annually and focuses on current cyber threats. The main topic of this year’s report is advanced persistent threats (APTs). The report describes the motivations and methods of the attackers. Using data collected and analysed by Swisscom, it provides an insight into the methods and tools attackers use most frequently. It also highlights the countermeasures that are particularly effective in identifying an attack and what Swisscom is currently doing for its part.
Download Cyber Security Report 2019 (PDF)
Panos Zarkadakis is Head of Security Framework & Governance at Swisscom Group Security. He co-authored the Swisscom Cyber Security Report and is also Deputy Chief Security Officer.
Alte Tiefenaustrasse 6
Postfach, CH-3050 Bern
Tel. +41 58 221 98 04
Fax +41 58 221 81 53