Set of stealthy and continuous computer hacking processes
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.[1][2] In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.[3]
Such threat actors' motivations are typically political or economic.[4] Every major business sector has recorded instances of cyberattacks by advanced actors with specific goals, whether to steal, spy, or disrupt. These targeted sectors include government, defense, financial services, legal services, industrial, telecoms, consumer goods and many more.[5][6][7] Some groups utilize traditional espionage vectors, including social engineering, human intelligence and infiltration to gain access to a physical location to enable network attacks. The purpose of these attacks is to install custom malware (malicious software).[8]
APT attacks on mobile devices have also become a legitimate concern, since attackers are able to penetrate cloud and mobile infrastructure to eavesdrop on, steal, and tamper with data.[9]
The median "dwell-time", the time an APT attack goes undetected, differs widely between regions. FireEye reported the mean dwell-time for 2018 in the Americas as 71 days, EMEA as 177 days, and APAC as 204 days.[5] Such a long dwell-time allows attackers a significant amount of time to go through the attack cycle, propagate, and achieve their objectives.
[1] "What Is an Advanced Persistent Threat (APT)?". www.kaspersky.com. Archived from the original on 22 March 2021. Retrieved 11 August 2019.
[2] "What Is an Advanced Persistent Threat (APT)?". Cisco. Archived from the original on 22 March 2021. Retrieved 11 August 2019.
[3] Maloney, Sarah. "What is an Advanced Persistent Threat (APT)?". Archived from the original on 7 April 2019. Retrieved 9 November 2018.
[4] Cole, Eric (2013). Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization. Syngress. OCLC 939843912.
[5] "M-Trends Cyber Security Trends". FireEye. Archived from the original on 21 September 2021. Retrieved 11 August 2019.
[6] "Cyber Threats to the Financial Services and Insurance Industries" (PDF). FireEye. Archived from the original (PDF) on 11 August 2019.
[7] "Cyber Threats to the Retail and Consumer Goods Industry" (PDF). FireEye. Archived from the original (PDF) on 11 August 2019.
[8] "Advanced Persistent Threats: A Symantec Perspective" (PDF). Symantec. Archived from the original (PDF) on 8 May 2018.
[9] Au, Man Ho (2018). "Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat". Future Generation Computer Systems. 79: 337–349. doi:10.1016/j.future.2017.06.021.