Defined term

Advanced Persistent Threat (APT)

Cybersecurity

Definition

An adversary who possesses sophisticated levels of expertise and significant resources that allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.

Alternative Definitions

Definition 2

An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors (e.g., cyber, physical, and deception) to generate opportunities to achieve its objectives, which are typically to establish and extend footholds within the information technology infrastructure of organizations for purposes of continually exfiltrating information and/or to undermine or impede critical aspects of a mission, program, or organization, or place itself in a position to do so in the future; moreover, the advanced persistent threat pursues its objectives repeatedly over an extended period of time, adapting to a defender’s efforts to resist it, and with determination to maintain the level of interaction needed to execute its objectives.

Source: Committee on National Security Systems Glossary CNSSI 4009-2015
Type: standard

Definition 3

A sophisticated adversary that (i) pursues its objectives repeatedly over an extended period of time, (ii) adapts to defenders’ efforts to resist it, and (iii) is determined to maintain the level of interaction needed to execute its objectives.

Source: March 2020 CSC Report
Type: external

Definition 4

An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception).

Source: NICCS Glossary
Type: standard

Definition 5

An industry term used to describe suspected offensive cyber activity in which the cyber actor occupies the network for an extended period while continuously penetrating systems and avoiding detection. See Intrusion Set.

Source: ODNI Cyber Threats to Elections Lexicon
Type: external

Sources

1. The State and Local Election Cybersecurity Playbook
2. Committee on National Security Systems Glossary CNSSI 4009-2015
3. March 2020 CSC Report
4. NICCS Glossary
5. ODNI Cyber Threats to Elections Lexicon
