What is APT or Advanced Persistent Threat?
An Advanced Persistent Threat (APT) is a series of network attacks carried out stealthily over a long period of time to gain unauthorized access to a network and steal sensitive data for malicious purposes.
In a typical network attack, the attackers strike, achieve their goal, and leave immediately so that they do not get caught. In an APT, the attackers remain stealthy for an extended period of time and proceed covertly, as planned, to steal sensitive data gradually. An APT is much more covert and much more sophisticated than a typical network attack.
Purpose of Advanced Persistent Threat
In a normal attack, the attackers may have several purposes. Usually, those attacks are made to damage the network and systems or to steal sensitive data from the systems. In an APT, the attackers' purpose is not to damage the network or the systems. An APT attack is carried out mainly to steal sensitive data from the systems gradually and covertly.
How do APT attacks work?
An APT attack typically proceeds through the following stages:
- Firstly, attackers use social engineering techniques, spear phishing, zero-day malware, or other security vulnerabilities to infect the systems in the network. The attackers may even plan a watering hole attack, in which malware is placed on websites that the organization’s employees are likely to visit.
- After infecting the systems in the network, the attackers stealthily place a RAT (remote access trojan) or backdoor on the systems, which gives them unauthorized access to those systems.
- The attackers can then escalate privileges and gain administrative rights on the systems.
- The attackers then start to collect information from the network.
- The attackers can expand control to other workstations and harvest data from them, too.
- Next, the attackers exfiltrate the data out of the victim’s network to their own systems.
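Because the data leaves gradually rather than in one burst, a simple per-day volume alert tends to miss the last stage. The Python below is an added example, not part of the original article: it runs over constructed flow records and flags host/destination pairs that stay under the daily alert threshold yet keep sending for many days. The host names, addresses (documentation ranges) and all three thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample: (day, internal_host, external_destination, bytes_sent).
# Hosts and addresses are made up (documentation ranges), not real indicators.
def build_sample_flows():
    flows = []
    for day in range(1, 31):
        # ws-17 sends ~40 MB to one outside address every day for 30 days.
        flows.append((day, "ws-17", "203.0.113.50", 40_000_000))
        # ws-02 has small, ordinary traffic to a different address.
        flows.append((day, "ws-02", "198.51.100.7", 2_000_000))
    # ws-09 sends a single 5 GB burst on one day (a typical hit-and-leave attack).
    flows.append((12, "ws-09", "192.0.2.99", 5_000_000_000))
    return flows

DAILY_ALERT_BYTES = 500_000_000    # assumed per-day volume alert threshold
MIN_ACTIVE_DAYS = 14               # assumed: days of activity that count as persistent
TOTAL_FLOOR_BYTES = 1_000_000_000  # assumed: cumulative volume worth reviewing

def daily_volume_alerts(flows):
    """Classic check: any host/destination pair exceeding the daily threshold."""
    per_day = defaultdict(int)
    for day, host, dst, nbytes in flows:
        per_day[(day, host, dst)] += nbytes
    return sorted({(h, d) for (_, h, d), total in per_day.items()
                   if total > DAILY_ALERT_BYTES})

def slow_exfil_candidates(flows):
    """Pairs that never trip the daily threshold, yet are active on many days
    and add up to a large cumulative transfer."""
    by_pair = defaultdict(lambda: defaultdict(int))
    for day, host, dst, nbytes in flows:
        by_pair[(host, dst)][day] += nbytes
    hits = []
    for (host, dst), days in sorted(by_pair.items()):
        total = sum(days.values())
        if (max(days.values()) <= DAILY_ALERT_BYTES
                and len(days) >= MIN_ACTIVE_DAYS
                and total >= TOTAL_FLOOR_BYTES):
            hits.append((host, dst, len(days), total))
    return hits

if __name__ == "__main__":
    flows = build_sample_flows()
    print("daily alerts:", daily_volume_alerts(flows))
    print("slow candidates:", slow_exfil_candidates(flows))
```

On the sample data the daily alert fires only for the one-day burst from ws-09, while the cumulative check surfaces ws-17, whose 30 days of small transfers add up to 1.2 GB.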
Who can be a target of Advanced Persistent Threat (APT)?
The attackers usually target a group or organization from where they can steal sensitive data. The …





