EPA Has Taken Steps to Address Cyber Threats but Key Actions Remain Incomplete. Audit Report

摘要

We sought to highlight unimplemented actions the U.S. Environmental Protection Agency (EPA) should take to protect network resources from the increase of Advanced Persistent Threats (APTs) within the Agency. An APT is a cybercrime designed to steal or modify information without detection. These attacks are targeted at organizations, businesses, and political entities. The attackers that carry them out are typically organized and well funded. Unlike other virus attacks that may be launched at thousands of random computers on the Internet, APT activities are tailored, using multiple attack methodologies and tools, for specific targets. After a target has been successfully attacked, the attacker maintains a foothold on the target for future exploits. In other words, after an organization fixes the initial vulnerability, the attacker will be able to persist in an automated and hidden mode, remaining on the network unbeknownst to the organization.