“To get access to corporate networks, thieves use a variety of techniques. Phishing e-mails entice employees to click on links that surreptitiously load malware onto their computers, for instance, opening the door to corporate networks. Then there’s a relatively recent and increasingly common technique known as an Advanced Persistent Threat, a highly sophisticated attack typically aimed at companies and government agencies to obtain high-value information like trade and military secrets. Unlike other hacker attacks that tend to be single, quick guerrilla strikes, these are long-term offenses that can involve a combination of tactics including installing malware and looking for software vulnerabilities. To carry out a successful attack, perpetrators must have an uncommon ability to avoid detection. ‘If they’re good at getting intellectual property, you won’t even know they were ever there,’ said Deb Radcliff, executive editor for the Sans Institute, which trains computer security specialists.”
Source: The Battle to Protect Confidential Data – Businessweek