Advanced Persistent Threat

Targeted cyber attacks against government and commerce have been ongoing since at least 2003 and possibly some time before that. These attacks are commonly known as advanced persistent threats (APT). By far the largest sponsor of these attacks is the Chinese state, although other states also carry out attacks. This is not a new problem; it is simply espionage. These attacks are designed to steal information that will fulfil a clear set of requirements set by the attacker and furnish them with political, commercial and security/intelligence information. These requirements are carefully and clearly identified, shared with a number of government departments and constantly updated. There is evidence of worldwide targeting, but only a minority of attacks are identified and fewer still are made public. This article seeks to educate the reader on what APTs are, how they are different from other IT security threats and what can be done to identify and mitigate them.


