Infosec glossary entry

APT

APT: Advanced Persistent Threat

An Advanced Persistent Threat (APT) refers to a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period of time. APT attacks are typically carried out by highly skilled and well-funded adversaries, such as nation-states or organized criminal groups, who aim to steal sensitive data, disrupt operations, or gain strategic advantages. The term "advanced" indicates the sophisticated techniques used to exploit vulnerabilities, while "persistent" highlights the attackers' determination to maintain access and achieve their objectives over time.

APT attacks often involve multiple stages, including reconnaissance, initial compromise, lateral movement within the network, and data exfiltration. Unlike traditional cyberattacks that may be opportunistic and short-lived, APTs are characterized by their strategic planning and execution, making them particularly dangerous for organizations. Effective defense against APTs requires a comprehensive security approach, including continuous monitoring and threat intelligence (see TTP).


NIST glossary definition: "An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors (e.g., cyber, physical, and deception) to generate opportunities to achieve its objectives, which are typically to establish and extend footholds within the information technology infrastructure of organizations for purposes of continually exfiltrating information and/or to undermine or impede critical aspects of a mission, program, or organization, or place itself in a position to do so in the future;"

Source: https://csrc.nist.gov/glossary/term/advanced_persistent_threat

By jean-christoph

February 19, 2022

cybercrime, nation state
