The APT Lifecycle and its Log Trail
By
Advanced Persistent Threats, or APTs, are a growing concern in the security industry. APTs differentiate themselves from other types of hacking activities by targeting a specific organization for a specific objective, often extremely high pay-off data.
APTs are “advanced” in that the attackers often write customized zero-day malware and exploits specific to their target organization. They will also frequently launch specifically targeted “phishing” attacks in an attempt to exploit user systems. In effect, APTs will harness the full spectrum of logical, physical and social attack vectors – with extreme sophistication and capability.
APTs are also “persistent” in that they are extremely patient and methodical in their approach to reconnaissance, target compromise, and data exfiltration. An APT doesn’t care whether it takes a week or a year to reach its objective – just so long as it eventually does.
This Threat Insight Paper examines each phase of the APT lifecycle and provides insight and examples of the log trail that is often left behind at each phase.