
Constant vigilance: The key to catching covert criminals




Jane Bird, Financial Times, 1 June 2012


PA security expert Alan Phillips is quoted extensively in a Financial Times article that forms part of a special report on cyber security. The article looks at computer crime and how, although much of it is opportunistic and random, some cyber attacks are focused and target a specific individual or organisation.

Alan says: “Perpetrators of these ‘advanced persistent threats’ (APTs) spend much more time gathering information than other hackers.” 

The material could be about operational activities, staff members, IP addresses, even job advertisements. “By the time they launch the attack, they have a high degree of success,” Alan says.

Alan talks about how APTs can be hard to spot and says it is like having an invisible man in your house: “You only see him if he leaves muddy footprints.”

Alan goes on to advocate “dynamic” defence – making frequent small changes to system configurations to thwart offensive techniques. He recommends regularly testing defences and instant response plans, “so people know what to do when something does happen”.

He also advocates logging and monitoring as much detail as possible around sensitive data, “so you have the forensic information to work out what’s gone wrong – otherwise, you might suspect a breach for a long time without being able to discover it”.

Staff should be discouraged from listing their technical skills on sites such as LinkedIn, because this might give away operational activities, Alan says. Criminals can work out what software you are running.

Alan also suggests staff should not use their work email addresses and IDs on public websites such as help forums. Another simple precaution that is often overlooked is removing default, factory-set system passwords.

You can read the article in full here.
