An advanced persistent threat (APT) refers to an attack that uses innovative methods to hack a system.
APTs bide their time within the computer networks of a country or large organization; the period they spend there is known as 'dwell time'.
Other types of cyber attacks have very short dwell times because they focus on getting in and out quickly. APT attackers have significantly longer dwell times - they bide their time in order to chip away at accomplishing their objectives.
APT attackers typically attempt to acquire intelligence or other vital data that can be used to cause damage, or to gain a competitive advantage.
APT attackers use advanced techniques:
- Cyber espionage tactics involving multiple actors to penetrate an organization step by step, including overcoming firewalls.
- Planting malware through easy entry points like an email system. The malware examines and evaluates the network, as well as its security system, in search of vulnerabilities.
- Using the planted malware to launch a wave of malicious code.
APTs are persistent in two ways:
Unlike random cyber threats that attack a wide range of organizations with the hope of stumbling on one with a weak security system, APTs are determined to attain specific goals by:
1. attacking specified targets
2. lying in wait for the opportune moment to strike.
Why are APTs a threat?
- They are backed by malicious intent, propelled by humans determined to obtain an objective. This makes the threat more tangible than those posed by random programs meandering around the internet.
- They are often well-funded, because those employing the cyber attackers place a high value on a successful attack.