Don't miss an insight. Subscribe to Techopedia for free.

Subscribe
Advertisements

Advanced Persistent Threat

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…

Full Bio
View our Editorial Policy
Editor
checkmark
Editor
Last updated:

What Does Advanced Persistent Threat Mean?

An advanced persistent threat (APT) is a cyberattack launched by an attacker with substantial means, organization and motivation to carry out a sustained assault against a target.

Advertisements

The attacker's goal is to remain hidden over an extended period of time and incrementally obtain the permissions required to achieve the attack's objectives.

APTs differ from zero day and other types of cyberattacks in a number of ways:

  • This type of cybersecurity attack is expensive to conduct so it is often aimed at highly valuable targets, such as government facilities, defense contractors, media outlets and manufacturers of high-tech products.
  • Threat actors often use legitimate credentials they have acquired by exploiting known vulnerabilities, using social engineering tactics and conducting brute force attacks.
  • The attacker will often develop and deploy customized malware and seek to compromise trusted third-party software.
  • APT threat actors will spend time and money to monitor their target closely and pivot attack vectors when necessary.

Techopedia Explains Advanced Persistent Threat

An APT has three primary goals:

  • Surveillance
  • Sabotage
  • Theft

Perpetrators of APTs often use threat intelligence and trusted connections to gain initial access to target networks and systems. The trusted connection may be third-party software or an insider who falls prey to a spear phishing or whaling attack.

An APT is advanced in the sense that it employs stealth and multiple attack methods to compromise the target. This type of attack is difficult to detect, remove, and attribute. Once the target is breached, back doors are often created to provide the attacker with ongoing access to the compromised system.

An APT is persistent because the attacker can spend months — or even years — gathering intelligence about the target before using that intelligence to launch multiple attacks over an extended period of time. This type of cyberthreat is dangerous because perpetrators are often after highly sensitive government information, such as the layout of nuclear power plants or codes to break into U.S. defense contractors.

Advertisements

Related Terms

Related Reading

Tags

Trending Articles

Blockchain
How ChatGPT is Revolutionizing Smart Contract and Blockchain
Blockchain
An Introduction to Blockchain Technology
Blockchain
How Do Cryptocurrencies Work?
Healthcare IT
AI in Healthcare: Identifying Risks & Saving Money
Advertisements