Advanced Persistent Threats (APT)
An advanced persistent threat (APT) is a broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data.
APT attacks frequently make use of spear phishing, as these tactics are essential to getting high-ranking targets to open the phishing emails, fall prey to them, and thereby launch the attack. Because a great deal of effort and resources can go into carrying out APT attacks, hackers typically select high-value targets, such as nation-states and large corporations.
The consequences of such intrusions are vast and include:
Intellectual property theft (e.g., trade secrets or patents)
Compromised sensitive information (e.g., employee and user private data)
Sabotage of critical organizational infrastructures (e.g., database deletion)
Total site takeovers
Once an attacker’s found their way into your network, they can install malware or ransomware, which could cause system outages and other nasty disruptions.
Ransomware is one of the costliest forms of malware, and it’s often delivered through a phishing email. As soon as the ransomware infects one device, it seeks out others on the network to infect, taking down an entire office.
APT attacks differ from traditional web application threats, in that:
They’re significantly more complex.
They’re not hit and run attacks — once a network is infiltrated, the perpetrator remains in order to attain as much information as possible.
They’re manually executed (not automated) against a specific mark, rather than indiscriminately launched against a large pool of targets.
They often aim to infiltrate an entire network, as opposed to one specific part.
Ransomware encrypts files, making them unusable. The hacker demands a ransom, usually in bitcoin, in exchange for a decryption key.