Advanced persistent threats (APTs) have become a nightmare for organizations ranging from media titans like The New York Times and Washington Post to energy companies. Because the malware is built for stealth, conventional security tools have a devil of a time combating it. Software and hardware systems that are often described as big data solutions can be used effectively to battle APTs, but not without some challenges.
The creators of APTs use a number of techniques to keep their malware off the radar of system defenders; the primary purpose of these techniques is to blend the malware's activity into the network landscape of the organization. All that activity still leaves spoor on a system, but common security solutions lack the capability to detect it. Approaches that come under the big data heading can analyze data from many sources and correlate relationships among thousands of nodes in an enterprise network, for example to identify potential threats and score the risk of each one.
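As an added illustration of that correlation approach (example code written for this page, not from the original article): a few constructed records from three telemetry sources are joined per host, weak signals that would never trigger on their own are given small weights, and only the host where several coincide crosses the threshold. The sources, field layout, baseline domain list, weights and threshold are all assumptions.

```python
from collections import defaultdict
from statistics import pstdev

# Constructed telemetry from three sources (not real data): each record is
# (source, host, minutes_since_midnight, detail).
EVENTS = [
    ("auth", "ws-17", 185, "logon:svc_backup"),
    ("dns",  "ws-17", 186, "cdn-sync.unseen-example.net"),
    ("flow", "ws-17", 187, "203.0.113.9:443"),
    ("flow", "ws-17", 247, "203.0.113.9:443"),
    ("flow", "ws-17", 307, "203.0.113.9:443"),
    ("flow", "ws-17", 367, "203.0.113.9:443"),
    ("auth", "ws-02", 200, "logon:jdoe"),                   # lone off-hours logon
    ("dns",  "ws-09", 600, "cdn-sync.unseen-example.net"),  # lone unseen domain
    ("flow", "ws-09", 601, "198.51.100.4:443"),
]
# Assumed baseline of domains this organization normally resolves.
BASELINE_DOMAINS = {"intranet.example.com", "updates.example.com"}

def weak_signals(events):
    """Collect low-weight signals per host from each source; none is alarming alone."""
    signals = defaultdict(list)
    flows = defaultdict(list)  # (host, destination) -> connection times
    for source, host, ts, detail in events:
        if source == "auth" and detail.startswith("logon:") and ts < 6 * 60:
            signals[host].append(("off_hours_logon", 1))
        elif source == "dns" and detail not in BASELINE_DOMAINS:
            signals[host].append(("unseen_domain", 1))
        elif source == "flow":
            flows[(host, detail)].append(ts)
    # Beacon-like traffic: repeated connections to one destination at near-constant intervals.
    for (host, dest), times in flows.items():
        if len(times) >= 4:
            gaps = [b - a for a, b in zip(times, times[1:])]
            if pstdev(gaps) <= 0.1 * (sum(gaps) / len(gaps)):
                signals[host].append(("beacon:" + dest, 2))
    return signals

def score_hosts(events, threshold=3):
    """Correlate the weak signals per host; return {host: (score, signal names)} at or above threshold."""
    flagged = {}
    for host, sigs in weak_signals(events).items():
        score = sum(weight for _, weight in sigs)
        if score >= threshold:
            flagged[host] = (score, [name for name, _ in sigs])
    return flagged

if __name__ == "__main__":
    print(score_hosts(EVENTS))  # only ws-17, where all three signals coincide
```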