
What is the Advanced Persistent Threat?

An advanced persistent threat (APT) is a complex, multi-staged, and long-term cyber attack, typically orchestrated by a secret organization or groups, or cybercriminals. The term was used to describe the groups behind such attacks, but its popular usage has evolved to also refer to the attack strategies we observe from similar threat actors.

Most of these hidden organizations are numbered and given specific names. They often end up with multiple monikers, since organizations like to use their own names for each APT. For example, APT 29 is a Russian group called Cozy Bear, Cozy Duke, Office Monkeys, and several other names. The North Korean group APT 38 is often called the Lazarus Group, Guardians of Peace, or HIDDEN COBRA, among other things.

In practice, an APT group attempts to collect sensitive information from a company or organization, either to profit from it or to ruin its infrastructure on behalf of other organizations. They usually install spyware on users in the target organization and stay informed by spying on their activities. It may take months or years to gather the knowledge they want to use to carry out their malicious attack.

For example, Stuxnet was designed to attack Iranian nuclear infrastructure and damaged this station for over a year in 2010. The book “Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon”, written by WIRED senior staff writer Kim Zetter, tells the story behind Stuxnet’s planning, execution, and discovery. In this excerpt from the book, which was released in November 2014, Stuxnet has already been at work silently sabotaging centrifuges at the Natanz plant in Iran for about a year. An early version of the APT manipulated valves on the centrifuges to increase the pressure within them and ruin the devices as well as the enrichment process. At the time of this APT execution, each cascade at Natanz held 164 centrifuges. Uranium gas flows through the pipes into the centrifuges in a series of stages, becoming further “enriched” at each stage of the cascade as isotopes needed for a nuclear reaction are separated from other isotopes and become concentrated in the gas.

The question is: which group was behind this APT weapon?