Towards Improving APT Mitigation: A Case for Counter-APT Red Teaming

Abstract:

Vulnerabilities leveraged by Advanced Persistent Threats (APTs) that ultimately allow them to gain access to critical data and unveil private information are often far removed from the portions of the security environment where initial access is gained. This paper presents a defensible scholarly decomposition of the red-team process itself and discusses how traditional red-team assessments may not be the most effective solution for emulating APT threats and mitigating their impacts. Counter-APT red teaming (CAPTR teaming) is presented as a novel red-teaming process for addressing such shortcomings of current well-known red-team practices.


AUTHORS


Towson University
Towson, United States

Dr. J.G. Oakley was one of the founding members of Marine Corps Forces Cyberspace Command’s operational arm. He left that unit as the senior Marine Corps operator and technical lead. After his enlistment he wrote and taught an advanced cyber operations course for the Department of Defense and eventually returned to mission support as a network exploitation analyst. He has also conducted threat emulation and persistent red teaming in the private sector as the principal penetration tester for a private firm, ultimately becoming the deputy director in charge of offensive security operations. Currently he serves as a cyber subject matter expert for a government customer. He is the author of the books Professional Red Teaming and Waging Cyber War.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
