Advanced Persistent Threat

What Does Advanced Persistent Threat Mean?

An advanced persistent threat (APT) is a cyberattack launched by an attacker with substantial means, organization and motivation to carry out a sustained assault against a target.

Advertisements

The attacker's goal is to remain hidden over an extended period of time and incrementally obtain the permissions required to achieve the attack's objectives.

APTs differ from zero day and other types of cyberattacks in a number of ways:

  • This type of cybersecurity attack is expensive to conduct so it is often aimed at highly valuable targets, such as government facilities, defense contractors, media outlets and manufacturers of high-tech products.
  • Threat actors often use legitimate credentials they have acquired by exploiting known vulnerabilities, using social engineering tactics and conducting brute force attacks.
  • The attacker will often develop and deploy customized malware and seek to compromise trusted third-party software.
  • APT threat actors will spend time and money to monitor their target closely and pivot attack vectors when necessary.

Techopedia Explains Advanced Persistent Threat

An APT has three primary goals:

  • Surveillance
  • Sabotage
  • Theft

Perpetrators of APTs often use threat intelligence and trusted connections to gain initial access to target networks and systems. The trusted connection may be third-party software or an insider who falls prey to a spear phishing or whaling attack.

An APT is advanced in the sense that it employs stealth and multiple attack methods to compromise the target. This type of attack is difficult to detect, remove, and attribute. Once the target is breached, back doors are often created to provide the attacker with ongoing access to the compromised system.

An APT is persistent because the attacker can spend months — or even years — gathering intelligence about the target before using that intelligence to launch multiple attacks over an extended period of time. This type of cyberthreat is dangerous because perpetrators are often after highly sensitive government information, such as the layout of nuclear power plants or codes to break into U.S. defense contractors.

Advertisements

Related Terms

Latest Cyber Threats Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Featured Content

Traders Think This Gaming Token Could Explode 10X For its Daily Passive Income Offer Up to 10000 USDT

Alan Draper11 months
dummy_img
Artificial Intelligence

Meta’s SeamlessM4T: One Step Closer to Universal Language Translation

Dr. Tehseen Zia11 months
dummy_img
Blockchain

Can Global Cooperation Achieve Consistent Stablecoin Regulation?

Iliana Mavrou11 monthsCrypto Writer
dummy_img
Blockchain

Is Polygon’s POL Upgrade The Future Of Multi-Chain Staking?

John Isige11 monthsCrypto Writer
dummy_img
Featured Content

Chimpzee Continues To Wow Crypto Community With Charity Events, Presale Heating Up

Alan Draper11 monthsEditor-in-Chief
dummy_img
Artificial Intelligence

The Future of Dark AI Tools: What to Expect Next?

Tim Keary11 monthsTechnology Expert

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
Trading
Trading
VoIP
VoIP
VPN
VPN