Last Updated on May 24, 2015

Or better “The Unbearable Lightness of (Human) Beings and APTs”. Immediately after my post on Cyber Weapons, it was pointed out to me that APTs are not Cyber Weapons. From a more general perspective, APTs are not things but (groups of) human beings who have the capability and the intent to target specific entities with multi-factor attacks. In short, an APT is not a “what” but a “who”. On the other hand, how many could afford to hire (and pay) a double agent capable of implanting malware inside a nuclear complex through an infected USB thumb drive?

An Oxford dictionary for Information Security has not yet been published, hence this term is commonly used to refer to cyber threats or long-term sophisticated hacking attacks. The latter is the interpretation closer to what I meant in compiling the chart.

This Post Has 2 Comments

  1. Alme

    Maybe the closest to an official definition comes from the National Institute of Standards and Technology where the term applies not to the attack but to the attacker:
    “An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, and deception). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.”

    http://csrc.nist.gov/publications/drafts/800-53-rev4/sp800-53-rev4-ipd.pdf

    1. Paolo Passeri

      Nice Spot! Thanks for your precious contribution. It matches exactly what I meant. At this point I wonder why, despite the NIST Definition, there is still so much confusion about the meaning of this term. Thanks again!
