An advanced persistent threat (APT) is a type of cyberattack in which the attacker gains and maintains unauthorized access to a targeted network. APTs use social engineering tactics or exploit vulnerabilities to infect a system, and can remain unnoticed for a significant time period.
During that window between infection and remediation, an APT will often monitor, intercept, and relay communications and sensitive data.
Numerous entities--large and small, public sector and private--can benefit from a successful advanced persistent threat. Many suspect that governments and nation states have used APT attacks to disrupt specific military or intelligence operations. Examples include the Titan Rain, Ghostnet, Stuxnet attacks and others. In addition, smaller groups are using simpler tools, such as social engineering, to gain access and steal intellectual property.
A successful advanced persistent threat can be extremely effective and beneficial to the attacker. For nation states, there are significant political motivations, such as military intelligence. For smaller groups, APTs can lead to significant competitive advantages or lucrative payouts.
This is a loaded question. When organizations detect gaps in their security, they intuitively deploy a standalone product to fill that void. A solution filled with standalone products, however, will continue to have inherent gaps.
To avoid these gaps in security, organizations need to take a holistic approach. This requires a multilayered, integrated security solution. Deploying a portfolio of products that can seamlessly work together is the best way to enhance security.