APT stands for “advanced persistent threat”. It refers to an attack that is both:
- Sophisticated: it uses malicious software (malware, spyware) to discreetly enter the information systems of its target (companies, governments).
- Persistent: it steals data from its target while remaining undetected for a long time.
The actors behind such attacks are usually states or state-sponsored groups, but they can also be sufficiently organized independent groups with substantial resources, able to orchestrate sophisticated attacks using an ecosystem of qualified technicians.
At SEKOIA.IO, our Threat and Detection Research team regularly deals with APT attacks primarily targeting European-based businesses, NGOs, think tanks and European government structures. Depending on the subject, the team shares its analyses on our blog, covering:
- APT 27 LuckyMouse
- TURLA, Calisto (aka COLDRIVER)
- APT29 Nobelium, Cozy Bear
- APT31 (aka Zirconium or Judgment Panda)
- Roaming Mantis and the Moqhao Malware
- APT 38, intrusion sets associated with North Korea (Lazarus, Kimsuky, Bluenoroff, Andariel, Reaper)
- APT 40
- Vice Society