An advanced persistent threat (APT) is a targeted attack by cyber criminals or in some cases government institutions that uses multiple phases to first stealthily penetrate a network while avoiding detection and then obtain valuable information over an extended period of time. Advanced persistent threats are highly complex threats that differ from traditional threats in that they are targeted, persistent, evasive and extremely advanced.
Penetrating the defenses of a specific organization or country and then stealing information from them without being detected requires enormous amounts of research and time, and the entire process of an advanced persistent threat may take months or even years to fully execute. Because of the scope of attack, as well as the costs and time involved, APTs are often initiated, either directly or indirectly, with the involvement of national or international government bodies.
One of the most well-known examples of an advanced persistent threat was Stuxnet, a malware worm created to disrupt Iran s nuclear development efforts.