Advanced persistent threat

APT - nation-state and organized crime actors.

APTs typically target large organizations, such as financial institutions, companies in healthcare, and other organizations that store large PII data sets. APTs also target governments to carry out political objectives, interfere in elections, or to spy.

APTs spend considerable effort in gathering intelligence on their target and are able to craft highly specific custom exploits. Another characteristic of the advanced nature of APTs is that they often combine many different attack elements into an overall threat architecture.

APTs have diverse overall goals, but since a large part of the attack is about stealth, most APTs are interested in maintaining access — or persistence — to networks and systems. There are several techniques that can grant attackers access for months or even years on end without being detected.

Because of this, APTs are some of the most insidious and harmful threats to an organization.