Threats
Advanced Persistent Threats (APT)
An APT is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.
1 The Spy Operation
Most hackers are like smash-and-grab robbers: break in, steal, get out. APTs are like deep-cover spies.
- Targeted: They don't attack randomly. They pick a specific government or corporation.
- Stealthy: Their goal is to stay hidden to steal data over months or years.
- Well-Funded: Often state-sponsored (Nation States) with immense resources.
2 The APT Lifecycle
1. Reconnaissance
Studying the target. Gathering emails, mapping networks.
2. Initial Compromise
Breaking in via spear-phishing or zero-day exploits.
3. Establish Foothold
Installing backdoors so the attackers can return if they are discovered.
4. Lateral Movement
Moving from the receptionist's PC to the CEO's laptop or the main server.
5. Exfiltration
Slowly stealing sensitive data without triggering alarms.
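
Step 5 from the defender's side, as an added example that is not part of the original lesson: a per-transfer size alarm misses a host that sends a small amount every day, while a sliding-window total per source and destination catches it. The host names, documentation-range IP addresses, flow records and thresholds are all constructed assumptions.

```python
from collections import defaultdict

MB = 1024 * 1024

def build_sample_flows():
    """Constructed outbound flow records: (day, src_host, dst_ip, bytes_out)."""
    flows = []
    for day in range(1, 31):
        # Hypothetical workstation trickling 40 MB a day to one external host.
        flows.append((day, "ws-017", "203.0.113.50", 40 * MB))
        # Ordinary traffic: small, varying daily uploads from another host.
        flows.append((day, "ws-022", "198.51.100.7", (day % 5 + 1) * MB))
    # One large legitimate backup upload, which a per-transfer rule does catch.
    flows.append((12, "srv-backup", "192.0.2.10", 500 * MB))
    return flows

def per_event_alerts(flows, threshold):
    """Classic alarm: flag any single transfer larger than the threshold."""
    return sorted({src for _, src, _, size in flows if size > threshold})

def cumulative_alerts(flows, window_days, threshold):
    """Flag (src, dst) pairs whose total bytes within any window of
    window_days exceed the threshold, even if each transfer is small."""
    per_pair = defaultdict(lambda: defaultdict(int))
    for day, src, dst, size in flows:
        per_pair[(src, dst)][day] += size
    flagged = {}
    for pair, by_day in per_pair.items():
        days = sorted(by_day)
        # Largest total over all windows that start on a day with traffic.
        best = max(
            sum(by_day[d] for d in days if start <= d < start + window_days)
            for start in days
        )
        if best > threshold:
            flagged[pair] = best
    return flagged

if __name__ == "__main__":
    flows = build_sample_flows()
    print("per-transfer > 100 MB:", per_event_alerts(flows, 100 * MB))
    for (src, dst), total in cumulative_alerts(flows, 14, 400 * MB).items():
        print(f"14-day total > 400 MB: {src} -> {dst} ({total // MB} MB)")
```

The backup server appears in both results, so in practice the cumulative view is paired with a list of known bulk-transfer destinations to keep the alert volume manageable.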