Advanced persistent threat

What is an advanced persistent threat (APT)?

These are elaborate, multi-step targeted attacks aimed at infiltrating a specific network, such as governmental institutions or companies.

How they spread

APTs are designed to evade detection and usually involve malware attempting to exploit vulnerabilities.

What they are after

Unlike hit-and-run attacks, APTs exploit vulnerabilities to get in, and once inside, the attacker monitors traffic to steal the desired information. In this respect, APTs are to antivirus what stealth aircraft is to radar; they aim to remain undetected as long as possible in order to siphon off intellectual property, computer source code, and financial assets.

Known cases

Some of the most high-profile cases of advanced persistent threats targeting companies include Adobe, Google, Lockheed Martin, and Sony.

Download Protection

The Avira Security Wordbook

Search our threat glossary for clarifications on frequently used terms in IT security.