APT groups are not very good at hacking


Hackers behind advanced persistent threats (APTs) are surprisingly unskilled and technically unsophisticated, according to the security vendor Sophos.

An analysis of a bug affecting a number of Microsoft Office apps allowed the company to compare the strategies that hackers employed, with the results showing that most did not have a deep understanding of their trade.

Gabor Szappanos, principal researcher at SophosLabs, said: "In most cases [hackers] don’t have to be sophisticated to be effective.

"They don’t have to use complicated methods to get into organisations. In many cases social engineering works, or they can rely on Office versions that have not been patched."

Perhaps because of the ease of attacking, many hackers were not testing their malware effectively, sometimes leaving large parts of the software dysfunctional, and they also did not have enough knowledge to modify a piece of malware to target several versions of Office.

Sophos also found that common malware authors had more understanding of exploits than the APT groups, which means that the viruses with the most exposure are also better designed.

"If security researchers and system administrators follow and act upon vulnerability announcements, they are likely to be prepared for these groups," Szappanos added.

However, he warned that even if businesses improve their security policies or buy better defensive tools, the number of cybercriminals is unlikely to drop significantly.

"It’s a good business so if they see their chances decreasing then they will try to improve themselves or try to find easier targets," he said.
