
How to defend against APT attacks

2025-04-12 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

Today, I will talk to you about how to prevent and resist APT attacks, which many people may not understand well. To help you understand better, the editor has summarized the following content. I hope you can take something away from this article.

In recent years, various APT hacker organizations with overseas government backgrounds have continued to carry out network attacks on our country, stealing a large amount of important and sensitive information. They attack not only core key units such as our party and government organs, national defense, military industry and scientific research institutes, but have also extended to key information infrastructure, energy, finance, military-civilian integration and other fields. The attacks come from many sources and are high in frequency and intensity.

Without cyber security, there can be no national security.

The national security organs thoroughly study and implement the important instructions on maintaining network security. Under the guidance of the overall concept of national security and based on their duties, they severely crack down on cyber attacks, theft of secrets, and infiltration and sabotage activities by overseas organizations, and resolutely safeguard the security of our country's cyberspace.

A relevant person in charge at the Ministry of State Security said that APT secret theft currently has three major characteristics: the attacks span a wide range of areas and are large in scale; the attack targets are varied, covering the whole network; and the attack technology is advanced and the methods complex.

Overseas APT organizations make extensive use of advanced technologies such as artificial intelligence and big data, and at the same time adopt a variety of technical methods and techniques, such as vulnerability attacks, decoy attacks, and "man-in-the-middle" attacks, which makes them difficult to guard against.

How to defend against APT attacks?

"We should adhere to the overall concept of national security, establish a correct awareness of network security, and guard against the risks and challenges of network security at multiple levels and in multiple dimensions." With this, the network security experts of the national security organs put forward six suggestions for preventing and resisting APT attacks on core key units and important secret-related personnel:

① Consolidate the main responsibility of each department for network security, and ensure that responsibilities for every aspect of network security and secrecy are clear and that those who hold them can be held accountable.

Judging from some of the cases that have been investigated and dealt with, unclear secrecy duties in some links are one of the important reasons why loophole risks exist and cases occur. Therefore, when dividing network security responsibilities, the requirements for network security and secrecy work should be formulated specifically according to the actual network application situation, business application model and job characteristics, and broken down in detail.

② Strengthen regular network security education and skills training to enhance network security awareness and prevention skills.

Carelessness and illegal operation by staff are the main causes of the vast majority of network security incidents and leakage cases. Improving staff awareness and skills in network security prevention and completely putting an end to unsafe operating behavior is the foundation of network security management. We must strictly ensure that "secret-related computers and mobile storage media do not store secret-related materials, do not transfer secret-related documents through Internet mailbox storage, and do not talk about secret-related contents in fixed phones and mobile phones, and secret-related computers and mobile storage media are strictly prohibited from connecting to the Internet."

③ Strengthen the security protection of computers and e-mail boxes.

In addition to installing antivirus and protective software on office computers and mobile phones, security tests should be carried out from time to time to find out whether computers and mobile phones are infected with viruses or Trojans, whether there are suspicious network requests or connections, and whether there are abnormal logins to the mailbox. When traveling on business, especially when going abroad, it is best to bring new computers and mobile phones that do not store any documents and to register a new e-mail address. Electronic equipment received from others as gifts should not be used casually before it has passed technical testing.

④ Strengthen capacity building in technical network prevention to ensure that technical prevention measures are in place and fully effective.

Set up adequate technical preventive measures according to the network application situation and the required level of secrecy. Network administrators should regularly check the operation and monitoring records of the equipment behind each technical protection measure, to ensure that the equipment has been operating normally and effectively and can detect all kinds of illegal, suspicious or dangerous technical operations in time.

⑤ Earnestly strengthen the enforcement and supervision of network security and confidentiality rules and regulations.

Strengthen supervision, remind and require secret-related personnel to abide by the secrecy system, and promote the implementation of the various confidentiality requirements and responsibilities. At the same time, catch problems early and while they are small: detect and deal with abnormal situations and hidden dangers as soon as possible, reduce the gaps and weak points in information security as much as possible, and effectively control risks.

⑥ Strengthen cooperation with the national security organs and other professional departments.

The national security organs are the professional departments in the struggle against enemy cyber espionage, and they have the responsibility and obligation to guide and assist all units in doing a good job of network security prevention. The state security organs will actively assist all secret-related units in carrying out technical detection against espionage and secret theft, in discovering cases where computer networks have been attacked by overseas espionage and intelligence agencies, and in finding loopholes and weak links in operation and management, so that hidden dangers can be eliminated in a timely manner. At the same time, they will guide all units in implementing network security measures, improving technical prevention capabilities, and preventing enemy network attacks and secret theft activities.
