What is APT?
Now a new front in the wars in the global power struggle. cyber wars intensely experienced. For these wars, states establish cyber armies. There are some groups that are indirectly supported by the personnel working within the states or independently by the state.
Here are these groups, their short name APT the one which... Advanced Persistent Threat is called. Turkish usage isAdvanced Persistent Threatsis ”. APT groups have become a great danger to all institutions, organizations and states. The term APT was first used in 2006 by Colonel Greg Rattray of the US Air Force.
The reason why it is called an Advanced Persistent Threat is explained by the fact that attackers stay there for a long time by gaining unauthorized access to the systems. Their aim is to sneak into the system slowly and unnoticed, stay there as long as possible, collect the maximum amount of data and realize the purpose of the operation.
How Is APT Named?
- Developed: The attacking APT groups use all the facilities and advanced tools at their disposal, various cyber attack and intelligence techniques to infiltrate the system. APT groups use many attack tools together or make their own attack tools.
- Permanent: It is one of the definitions that distinguishes APT groups from hacking groups or other hackers. The aim of APT groups is not to cause random damage to the system like other hackers, but to fulfill the purpose of the operation they target. After APT groups infiltrate a target, they remain in the target system until the desired information is received.
- Threatening: APT groups are supported by the state. They are highly motivated and work determinedly until they reach their goals. Therefore, it is defined as a "threat" by cyber security companies.
What Are the Goals of APTs?
APT groups can organize attacks against many different targets. Their goals may also vary according to the interests of the state they receive support from. These goals are usually:
- Telecommunication
- Energy
- Technology
- finance
- Health
- chemical industry
- Critical infrastructure systems
- Media
These targets include important sectors for countries. In addition to these sectors, APT groups also target government institutions and governments of the country they will attack. The reason why the targets are chosen from important sectors in this way is that the states want to exert pressure and attrition on each other.
APT Groups and Supporters
There are many APT groups in the world. These groups are named differently and supported by different countries. Number of APT groups It is currently known as 110. To view these groups https://attack.mitre.org/groups/ You can check the page at. It is known that most APT groups detected so far by cyber security companies are supported by Russia, China, Iran and North Korea. In addition, it is supported by different states. APT groups exist.