An APT is an Advanced Persistent Threat.

An APT is underway when an attacker targets a particular system over a long period of time.  The goal is to gain information – not to damage or destroy the system.  His attack is perpetrated against well-chosen targets and the attackers have specific objectives.  For example, an enemy government may want to target a nuclear weapons facility.  Or an attacker might want to target a credit reporting company to get access to credit card numbers.

APTs usually target corporations, banks, government entities, and national defense systems for espionage purposes.  The attackers seldom want the target to discover their presence.

The steps to an APT attack are to gain access to a system, create backdoors and tunnels so that attackers can move around unnoticed, crack passwords and use other methods to gain enhanced privileges (like administrator rights), and then transfer targeted data to their own systems.

They often repeat this process until they are detected.

A Remote Access Trojan (RAT) is a program that includes a backdoor for the attacker to access administrative privileges on a target system.  These programs may be part of freeware programs from dubious sources.  Or they may be sent as an attachment to an email that the attacker entices the recipient to open.  One famous RAT is called Back Oriface.


Leave a Reply

Your email address will not be published. Required fields are marked *