Time: 21 minutes
Difficulty: Intermediate
CEU/CPE: 1

Video Transcription

00:00
Hello, everyone. I'm instructor Gerry Roberts, and this is Introduction to APT Groups.
00:07
In this video, we're gonna learn what an APT actually is
00:11
and what an APT group is.
00:16
First of all, what is an APT? APT stands for advanced persistent threat.
00:24
So let's break that down a little bit.
00:27
The advanced portion
00:29
means that these attacks use advanced and sophisticated techniques, usually some sort of malware,
00:38
like a worm or a virus or something like that, to attack vulnerabilities in a system
00:47
So they'll actually use malware or some sort of software to take advantage of a vulnerability in a system.
00:57
The next word: persistent. Persistent just means that it is continuous.
01:02
Typically, it's some sort of control mechanism, like a software program or something like that, that continuously monitors and/or collects data from its target. So once they've attacked their target, they don't stop. It continues
01:19
and they continue to get information
01:23
on a regular basis.
01:25
Now threat.
01:26
The threat portion stands for a person or thing that is likely to cause damage. In this case, it's probably both.
01:34
A person is probably using a thing like a virus to exploit the vulnerability.
01:42
Now that leads us to
01:44
what an APT group actually is.
01:47
APT groups are just groups that perpetrate APT attacks.
01:53
A lot of the time these are politically or financially motivated.
01:57
Originally, when we started seeing these types of attacks, they were state sponsored, government sponsored
02:06
and groups that were working with different groups to sabotage different governments.
02:13
Now, a good example of this was the Stuxnet worm.
02:15
Now the Stuxnet worm was a worm that invaded Iran's power grid and actually did quite a bit of damage by changing how some of the mechanical and electrical equipment work.
02:29
It was believed that the attack was state sponsored by the USA or Israel, or possibly both. But no one really actually knows. This is just a theory that Iran had that maybe they were attacked by those people
02:44
because they were at that time in a conflict.
02:47
We don't know.
02:49
Nobody has actually claimed responsibility for it.
02:53
Over time, this has changed as far as state sponsorship goes. Lots of groups are very diverse. They range from ragtag teams to hacktivists. Sometimes they're still state sponsored, but that's not a guarantee of what the group is actually comprised of.
03:10
Ah, one of those examples that you probably have heard of are a couple hacktivist groups,
03:17
including Anonymous. They are considered an APT group because some of the attacks have been considered APT.
03:27
Who do they target?
03:29
So APT groups
03:30
typically target somebody that has a lot of personal identifiable information, or PII.
03:38
So that would be like a bank or
03:43
a social security group or something like that. So they could get that information and possibly sell it or use it themselves.
03:51
Governments are also targeted for political reasons. So, like we were talking earlier about the attack on Iran, ah, the reason that they thought that it was those two particular governments was because of political reasons.
04:04
There are a couple common targets that we find:
04:10
higher education, financial institutions, energy, transportation, technology, healthcare, telecommunications, manufacturing and agriculture.
04:23
Now, one of the things you'll notice there is, like, energy and other utilities.
04:30
A lot of the utilities in the developed world, including the United States and several other countries, are now running what are called smart grids. Now, smart grids integrate monitoring
04:45
and other controls with the electrical system.
04:48
Having said that, that means that if somebody were to get a hold of those controls, they might be able to turn off a lot of the electric, and that could cause a lot of issues. So these are actually big targets, and it's one of the targets that you'll see a lot of people talking about now
05:08
is utilities, especially energy.
05:13
All right, so time for our first quiz in this module. Our post-assessment question:
05:19
The advanced portion of APT means
05:24
the attackers used sophisticated techniques.
05:29
The attackers attack difficult targets.
05:33
The attacks are persistent,
05:35
or it means that humans are responsible.
05:39
I'll give you a few moments here to figure it out, you can pause the video as well, and then we'll get the answer.
05:48
The answer is A: the attacks use sophisticated techniques, or advanced techniques.


APT Group Fundamentals

In this course, you will learn the fundamentals of Advanced Persistent Groups, and the delineation between them in comparison to popular threat vectors in the security space. This course will cover common characteristics and attack patterns of APT groups, so that you can understand the threats associated.

Instructed By

Gerrianne Roberts
Professor, Network Engineering Technology
Instructor