Contact Us Today 01642 716680

Advanced Persistent Threat

Definition: An Advanced Persistent Threat (APT) is a sophisticated, prolonged, and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. The primary intentions behind an APT are to steal data or surveil network activities rather than cause immediate harm to the network or organisation.

Advanced Persistent Threats usually target high-value targets, such as nation-states and large corporations, and involve intricate multi-phased strategies employing a variety of techniques to infiltrate securely held information systems. They are characterised by their level of sophistication, persistence, stealth, and significant resources backing the attackers, who are often state-sponsored or well-funded criminal organisations.

The complexity of Advanced Persistent Threat attacks requires comprehensive and layered security measures for defence. This includes regular monitoring of network activities, endpoint protection, threat intelligence, swift incident response, and a strong emphasis on employee training and awareness.

Key Characteristics:

  • Sophistication: APTs use advanced hacking techniques and malware to exploit vulnerabilities in a system.
  • Long-term Objective: APTs focus on long-term access to the target’s network, rather than immediate financial gain.
  • Stealth and Covert Operations: The aim is to remain undetected within the network to continuously gather valuable information.
  • Targeting Specific Entities: Often aimed at government or corporate entities for strategic advantage.


  • Real-World Example: The Stuxnet virus represented an APT directed towards Iran’s nuclear facilities, aiming to sabotage their nuclear program while remaining undetected for as long as possible.
  • Hypothetical Scenario: A nation-state’s intelligence agency carefully and persistently targets a defence contractor’s network to steal blueprints for advanced technology without being discovered.

Related Terms:

  • Cyber Espionage: The act of using cyber techniques to gain illicit access to confidential information, often related to APTs.
  • Malware: Malicious software used as part of APTs to infect and remain undetected within a network.
  • Zero Day Exploit: An attack exploiting previously unknown vulnerabilities, which may be used in APTs to gain access to target systems.

Related Services:

What is the OWASP Top 10: Download our flash cards to find out.

Inside you will find a description of the most common web vulnerabilities.

Contact us

Get a free, no obligation quote from one of our expert staff.