As the world witnessed during the 20th century, the emergence of "nuclear club states," which have arsenals of deadly nuclear weapons, and "weapons of mass destruction club states," which include biological and chemical weapons as well as nuclear weapons, are expected to emerge in the next decade. 2020-2030 »APT countries, or countries with the tools and capabilities to wage cyberwarfare, rely on large-scale“ advanced advanced attacks ”in cyberspace, replacing what is now known as“ attacks ”. The activities of the ABT Club are the most prominent form Deeper and broader range of threats and attacks, e-security in the next decade.
This came in the context of expectations set by three companies specialized in information security, «Bai System», «Fire» and «Palo Alto Networks», on the main trends of information security risks and cybersecurity over the next decade. ZDNet.com has recently published a technical summary.
ABT is an abbreviation of a term known in the world of information security as "persistent threat", coined in 2006 by Greg Rattray, a US Air Force colonel, and used in telecommunications companies for years to denote security attacks. Targeted on large-scale information and communication networks, implemented with advanced tools, and maintained for long periods of time, providing unauthorized access to the resources of these networks and the content they contain relating to the activities of the associated institutions.
The attack continues on a large scale, undetected for a long time, and the term is also used to simultaneously intrude on targets, entities and objects widely deployed, in order to achieve certain targets predetermined by the attacker.
These attacks focus on institutions and entities that have a large amount of vital information, always in use and employment around the clock, in the management of the workforce within their countries, such as institutions of higher education, financial institutions, energy institutions, transport, technical institutions, health care institutions, manufacturing , Telecommunications sector, agriculture. Thus, it goes beyond all that is historically known about individual attacks or even group attacks, aimed at extortion, money, self-assertion, etc.
Given the breadth, complexity and length of attacks of this kind, they require capabilities, skills, tools and material and human resources, beyond the capacity of ordinary criminal groups, and must therefore be nurtured, planned and spent by States and Governments, and not by individuals and groups. "State-backed attacks."
Hence, the ABT Club is simply the group of countries that have the ability to carry out this kind of attack, and have practiced or practiced it, and have achieved results behind them related to their political, military, economic and strategic objectives, and they are carrying out within their borders or outside, according to What the goals and plans require.
Analysis of these attacks indicates that the average length of attack varies from place to place.In 2018, the average length of attacks in the United States was 71 days, in Europe, the Middle East and Africa, 177 days, and in the Asia-Pacific region 204 days, allowing attackers Great time to go through the attack cycle, deploy and achieve their goal.
According to the estimates of the experts of the three companies, dozens of countries have tried and try to enter the field, but the group possessing the skills and abilities that qualify them to be described as a member of the club «Apt» are still few and not exceeding the fingers of one hand, because it is only five countries They are the United States, Russia, China, Iran and North Korea, which are considered the "pioneer generation" or the first-grade generation in this club.
Experts predicted that the three companies, the number of members of the club «APT» over the next decade, to include new small and ambitious countries, along with the major superpowers and early pioneers.
“Over the past five years, many countries have developed their capabilities in this area, but none has risen to the level of the top five attackers,” said Sahar Noman, a threat intelligence analyst at BAE System. But there are a large number of countries that can be classified at the second and third levels, and it does not take a long time for some of these countries to rise to the professional level, while they are not equal to the more sophisticated piracy groups, but some of these operations have already appeared on the scene Globalization that it evolves constantly "So we expect the number to double over the next decade."
Benjamin Reid, director of cyber espionage analysis at Cyber Security, said: "Studying how emerging and future cyber forces use tools against targets within their borders can provide insight into what countries are growing. In this arena, it is predictable that the number will undoubtedly double in the next decade, as the second and third grade countries over the past five years have been developing tactical capabilities, from malicious programs and new technologies, relying heavily on the experience of external contractors, and then absorbing knowledge Through yolk talent Lia, who benefits from the leaks from early members, like the Shadow Brokers group, which leaked several secret NSA tools, and showed them on the Internet, which many young players used to launch A-type attacks. my house)".
It is evident from the analysis and follow-up that there are about 28 groups, launching attacks «APT» in different parts of the world, each linked to some of the five countries, members of the club, and even shows groups belonging to the second row members of the club , Including Vietnam, Uzbekistan, and Pakistan.
- The club's leading generation includes the United States and Russia
China, North Korea and Iran.