earticle

영어

Attempts to distribute malware using social engineering email deployment to the domestic defense industry have been detected from CY 2009 to 2012, up to the present. The analysis of the characteristics of the attacks showed their consistency and specificity. They commonly use social engineering to distribute malware. In addition, they have typical APT characteristics. On the other hand, the persistence of the same techniques and forms was seen. These are done by the same group or the same person who launched the APT attack. According to the APT attack characteristics, there is a limit to malware defense and prevention. Therefore, all of the executives and staff members understand and share the characteristics of APT and need to be strengthened in security management. Only prevention can reduce the risk of a security incident from an APT attack via social engineering. APT, Advanced Persistent Threat, Social Engineering Attack