What is an APT (Advanced Persistent Threat)?
D2 · Threats · CompTIA Security+ SY0-701

An APT (Advanced Persistent Threat) is a prolonged, stealthy cyberattack in which an intruder gains unauthorized access to a network and remains undetected for an extended period to steal data, conduct espionage, or prepare for destructive attacks.
APT characteristics: Advanced (sophisticated custom tools), Persistent (long-term presence, often months/years), Threat (motivated, targeted adversary, usually a nation-state or organized crime group).
Common APT tactics: spear phishing initial access → establish C2 → lateral movement → data exfiltration.
APTs are not opportunistic: they have a specific target and goal. Nation-state APT groups have designations (APT28/Fancy Bear = Russia, APT41 = China). Defenses: network segmentation, least privilege, threat hunting, DLP, and robust logging. Dwell time (time undetected) can be 200+ days.