The continuous evolution of the global information technology makes the APT attacks more aggressive and purposeful. Application of advanced technology, long latency hidden and sponsored by proift party long-term funding, is signiifcantly different APT attacks from other network attacks. This paper introduces the popular APT attacks in recent years, such as NIST attacks on the APT, so as to give the character of APT attacks, and indicate usual target of APT attack, by analysising APT attack case in recent years. After a detailed analysis of the common steps of APT attacks-South Korea SK company being APT attack, it illustrates the various steps of the offensive content. Furthermore, it puts forward comprehensive response to the APT attacks from the macroscopic continuous improvement of protection concept and micro structured best practice methods solutions.%全球信息技术的不断演变,使得APT攻击更具有侵略性和目的性。先进的技术应用、长期的潜伏隐匿、获利方的资助,是APT攻击与其他网络攻击的显著区别。文章介绍了近年流行的APT攻击,首先以NIST对于APT攻击的定义说明APT攻击的特点,并指明攻击者通常使用APT攻击的目标,分析近年APT攻击的实例;然后又详细分析了APT攻击的常见步骤,并以韩国SK公司遭受APT攻击的案件为实例说明了各个步骤的攻击内容;进而提出全面应对APT攻击的宏观持续性改进的防护思想及微观的结构化最佳实践应对方法。
展开▼
