Access your Pro+ Content below.
Ranum chat: APT attacks and malware evolution
This article is part of the Information Security magazine issue of January/February 2012
Marcus Ranum: Joel, I'm sure you know we can't get through this without talking about advanced persistent threats (APT) and malware. What's your take on that topic? I know you're a real malware maven; are there different levels of the state of the art in malware? Is malware evolution slow, or rapid? What's going on out there? Joel Yonts: Marcus, just the mention of the term advanced persistent threat (APT) has such an impact on practitioners in our field. As you know, these reactions vary from sheer terror to the extreme skeptic that says APT is a term invented by marketers to sell more gear. Since the term is so inflammatory, I will reserve my thoughts on that topic for a moment and focus on the malware problem. Malware comes in many levels of sophistication. On one end of the spectrum, we have malware that can shut down a nuclear facility (Stuxnet) by reprogramming low-level controls. On the other end of the spectrum, I received a malicious spam attachment the other day that had a poorly constructed executable that after ...
Access this PRO+ Content for Free!
Features in this issue
Attackers are targeting new vectors such as smartphones, social media and cloud services. Enterprises need to up their game.
Managing mobile device risks tops the list of priorities for security pros this year.
A rash of CA breaches shows up weaknesses in the SSL infrastructure. Take action to protect your customers and employees.
Security experts say there are better alternatives to copyright protection.
Columns in this issue
An examination of three cases illustrates that it’s not always a clear case of good vs. evil.
Security expert Marcus Ranum talks with Joel Yonts, a seasoned security executive with a passion for information security research.
Prominent security and Internet thinkers and leaders have become an effective lobby on Capitol Hill and played a big role in squashing SOPA.