Your security team has discovered a malicious program that has been harvesting the CEO’s email messages and the company’s user database for the last 6 months. What are two possible types of attacks your team discovered? (Choose two.)
A. social activism
B. E Polymorphic Virus
C. advanced persistent threat
D. drive-by spyware
E. targeted malware
An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected. Advanced persistent threats are particularly dangerous for enterprises, as hackers have ongoing access to sensitive company data. Advanced persistent threats generally do not cause damage to company networks or local machines. Instead, the goal of advanced persistent threats is most often data theft.
targeted threats are a class of malware destined for one specific organization or industry. A type of crimeware, these threats are of particular concern because they are designed to capture sensitive information. Targeted attacks may include threats delivered via SMTP e-mail, port attacks, zero day attack vulnerability exploits or phishing messages. Government organisations are the most targeted sector.[1] Financial industries are the second most targeted sector, most likely because cybercriminals desire to profit from the confidential, sensitive information the financial industry IT infrastructure houses.[2] Similarly, online brokerage accounts have also been targeted by such attacks.[3]