Browse Definitions :
Definition

long-tail intrusion

Contributor(s): Matthew Haughn

A long-tail intrusion is a network intrusion that occurred in the past and has persisted for some time.

Long-tail intrusions include advanced persistent threats (APT). However, sometimes intrusions achieved by simpler methods and malware may be used as the starting point of a long-tail intrusion and continued by downloading new code by means such as Trojans hidden by root kits and code targeting zero day vulnerabilities.

Hackers of all stripes use these methods to gain long-term access for web crime, legitimate law enforcement, government spying and hacktivism. Access to the actual targeted data or network resource may take some time, during which the attacker could get other information from and about the network that may be valuable in itself both before and afterwards.

Long-tail intrusions are a considerable problem in security, especially for those relying solely on tier 1 security such as a firewall or intrusion prevention, which is focused solely on preventing initial entry to a network. In organizations with 5000 computers or more, 90 percent have existing breaches, on average, and these breaches may exist undetected for more than a year.

Tier 2 security such as breach detection systems (BDS) focus on malicious activity within the network it protects. BDS determines possible breaches by differing combinations of heuristics, traffic analysis, risk assessment, safe marked traffic, data policy understanding and violation reporting.  BDS are sometimes able to detect breaches as they occur but the systems are designed to identify existing intrusions.

This was last updated in November 2014

Continue Reading About long-tail intrusion

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • compliance framework

    A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with...

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • privacy compliance

    Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or ...

SearchSecurity

SearchHealthIT

  • telemedicine (telehealth)

    Telemedicine is the remote delivery of healthcare services, such as health assessments or consultations, over the ...

  • Project Nightingale

    Project Nightingale is a controversial partnership between Google and Ascension, the second largest health system in the United ...

  • medical practice management (MPM) software

    Medical practice management (MPM) software is a collection of computerized services used by healthcare professionals and ...

SearchDisasterRecovery

  • disaster recovery (DR) test

    A disaster recovery test (DR test) is the examination of each step in a disaster recovery plan as outlined in an organization's ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery (DR)

    Disaster recovery (DR) is an area of security planning that aims to protect an organization from the effects of significant ...

SearchStorage

  • kilobyte (KB or Kbyte)

    A kilobyte (KB or Kbyte) is a unit of measurement for computer memory or data storage used by mathematics and computer science ...

  • megabytes per second (MBps)

    Megabytes per second (MBps) is a unit of measurement for data transfer speed to and from a computer storage device.

  • zettabyte

    A zettabyte is a unit of measurement used by technology professionals and the general public to describe a computer or other ...

Close