Generally speaking, a new form of highly targeted cyber attack known as an Advanced Persistent Threat (APT) has emerged as a way to obtain sensitive data and login credentials from any number of companies. Devices that contain software such as bar code scanners, payment terminals, and mobile computers are used to streamline operations for companies. These devices are commonly connected to Point of Sale and Enterprise Resource Planning systems. These devices have recently been targeted to be used as an entry point to a larger system that may contain sensitive data.
In an APT attack, malware or contaminated firmware is loaded onto the network-connected device. The initial attack can be done even before the device is shipped from the factory. Once the device is connected to a network, for example a bar code scanning device in a retail chain, the APT can access the larger retail network and obtain credit card numbers and any other data on the network.
Therefore, a need exists for a method and system to protect networks from APT attacks which are spawned through network-connected devices contaminated with malware.