
Future security for Windows against APTs

SANS Institute : 03 April, 2013  (Technical Article)
SANS Institute draws link between Microsoft support withdrawal for XP and a re-evaluation of security to cope with advanced persistent threats
In April of 2014, Microsoft will stop releasing any new security patches for Windows XP. “Like it or not, migrating off Windows XP is no longer optional, the clock is counting down”, says Jason Fossen, principal security consultant at Enclave Consulting LLC, published author and a noted public speaker on Microsoft security issues.

“Hackers are still actively looking for vulnerabilities within the older operating systems. As of April 2014, Microsoft will no longer release any new security patches for Windows XP,” explains Fossen.  “Roughly half of all business and government computers are still running Windows XP, and the time is running out before XP’s end of life.  XP vulnerabilities published after April of 2014 will be very valuable to hackers and malware designers.”

Fossen believes that older operating systems and unpatched application software such as Adobe Reader and Java are instrumental in the rise of the Advanced Persistent Threat (APT). The expert points to the recent report from Mandiant on APT1, an organised group which it links to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).

According to its research, since 2006 APT1 has conducted economic espionage against 141 victims across multiple industries. The report also highlights 40 APT1 malware families that have been used in attacks. “APT attacks will exploit Microsoft operating systems and securing Windows is absolutely critical in reducing the risk of APT,” says Fossen.

Fossen stresses that the issue is not entirely the fault of Microsoft, as all operating systems eventually need to be decommissioned. However, organisations often underestimate the security risk of waiting till the last moment to migrate and cannot migrate sooner or more quickly because of budget constraints. “Newer versions of Windows provide features that help resist APT but only if correctly configured and deployed and many organisations still lack the knowledge to utilise these features in a coherent fashion,” Fossen adds.

Fossen will be teaching the new SANS SEC505: Securing Windows and Resisting Malware course which will be making its European debut at SANS Secure Europe 2013. The SANS instructor has spent several months updating the course syllabus to reflect the arrival of new operating systems, but highlights the end of life for previous versions as a much more worrying event.

This course teaches the most important things to do to secure Windows and how to minimize the impact of these changes on users. Through hands-on demonstrations, the course teaches step-by-step exercises and offers preparation for the GIAC Certified Windows Security Administrator (GCWN) certification exam.

“As we live within a world where Advanced Persistent Threat malware is now commonplace, unsupported and vulnerable operating systems residing within a seemingly secure environment can become a breeding ground for APT. Organisations need to develop a migration strategy to get off Windows XP before April of 2014, not after.”

The Securing Windows and Resisting Malware course is fully updated for Windows Server 2012, Windows 8, Server 2008-R2, and Windows 7.

SANS Secure Europe 2013, mainland Europe’s largest InfoSec training event, will be returning to Amsterdam’s Radisson Blu Hotel from 15th to 27th of April 2013 with a roster of eight essential training courses plus free evening talks, networking opportunities and a NetWars session.

   © 2012 ProSecurityZone.com