Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
An advanced persistent threat (APT) refers to a cyberattack launched by an attacker with substantial means, organization and motivation to carry out a sustained assault against a target. An APT is advanced in the sense that it employs stealth and multiple attack methods to compromise the target, which is often a high-value corporate or government resource. The attack is difficult to detect, remove, and attribute. Once the target is breached, back doors are often created to provide the attacker with ongoing access to the compromised system. An APT is persistent because the attacker can spend months gathering intelligence about the target and use that intelligence to launch multiple attacks over an extended period of time. It is threatening because perpetrators are often after highly sensitive information, such as the layout of nuclear power plants or codes to break into U.S. defense contractors.
An APT has three primary goals:
The attacker hopes to be able to achieve its goals while remaining undetected.
Perpetrators of APTs often use trusted connections to gain access to networks and systems. The trusted connection can be a sympathetic insider or unwitting employee who falls prey to a spear phishing attack.
APTs differ from other cyberattacks in a number of ways: