Advanced Persistent Threats

Advanced Persistent Threats is the term for the most advanced hackers, normally used for the departments in intelligence and signals intelligence agencies that collect information by computer network intrusions.

APT are not like ordinary hackers in terms of targeting, capacity and persistence. Regular hackers hacking for fun or for profit don’t have any specific targets with their attacks, they go for the easiest prey, the lowest hanging fruit. Your relative security level determines your security. If you´re not the weakest gnu on the cyber savannah you will probably not get attacked by ordinary hackers.

For the APT you or your organization is the absolute target of the operation. You are part of someone’s intelligence requirements and your information is the target, therefore your absolute security level determines your safety. The APT attackers will continue to try to reach their collection goals either until they succeed or until their working hours are up for the day. But the next day the will continue trying. They are persistent.

In addition to the intelligence and signals intelligence services, some other types of actors can also sometimes be classified as Advanced Persistent Threats. This includes some cyber criminals and maybe some hacker/ hacktivist groups such as Anonymous and LulzSec. Also some terrorist organizations, like Al Qaida and IS could maybe be said have the capacity of being an Advanced Persistent Threat. They are at least persistent, but maybe not so advanced.

APTs have large resources, monetary, legally as well as personnel, which gives them capabilities that regular hackers don’t have.

  • Intelligence Services

  • Cyber criminals

  • Hacker groups

  • Terrorist organizations