Advanced Persistent Threat (APT)
A prolonged, targeted cyberattack by a sophisticated, often state-sponsored threat actor.
Full Definition
An Advanced Persistent Threat (APT) refers to a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. APT actors are typically highly skilled, well-funded, and often backed by nation-states or organized criminal groups.
Unlike opportunistic attacks, APTs are meticulously planned and focused on specific high-value targets such as government agencies, defense contractors, critical infrastructure, or major corporations. The attack lifecycle typically includes initial compromise, establishing a foothold, lateral movement, data collection, and exfiltration — all while evading detection.
Common APT tactics include spear phishing, zero-day exploits, custom malware, and living-off-the-land techniques. Threat intelligence plays a critical role in APT detection by identifying indicators of compromise (IoCs) and tracking known threat actor TTPs (Tactics, Techniques, and Procedures).
Related Terms
Lateral Movement
Techniques used by attackers to progressively move through a network after initial compromise.
Attack Types
Indicators of Compromise (IoC)
Forensic artifacts that indicate a system may have been breached or is actively under attack.
Threat Intelligence
Spear Phishing
A targeted phishing attack customized with personal details to deceive a specific individual or organization.
Attack Types
Threat Actor
Any individual or group that carries out or has the intent to carry out malicious cyber activities.
Threat Actors