This is an attack in which unauthorized entities (typically a nation-state or state-sponsored group) gain access to an organization through either malware or phishing, and that once inside, have access to files, emails, assets and data. What makes an APT different from many other attacks is that this type of attack is intended to be both stealthy and remain effective in the environment for long periods of time. If left undetected for weeks, months or even years, attackers can gain a significant amount of data on a company to use for malicious purposes.
↑