Advanced persistent threats as a manifestation of states’ military activity in cyber space

Abstract

The term Advanced Persistent Threats (APT, APTs) has a relatively short history – originated in the United States’ government spheres and as such was referred to cyber attacks waged by a state actor. The emergence of such threats has been linked to the evolution of the hacker underground that took place after 2000. The activity of specialists swelling the Black Hat ranks had the nature of criminal offences, targeting data collected by corporations and state institutions. Despite a dozen or so years of experience with APTs, they continue to be a dynamic category of contemporary cyber security threats, with many evolving components beyond simple classification. Their unambiguous identification as a strictly separate type is obstructed mainly by the complex structure of such attacks, prompting analysts to locate them in a catalog containing various known vulnerabilities, mechanisms, cycles and variables. The analysis of the problem and the evolution of attacks to date has led to the hypothesis that Advanced Persistent Threats are now in the phase of their further modification and testing as a means of offensive action in inter-state and asymmetric conflicts. Armed forces and special services of states saw in them not only a tool per se to achieve economic and military advantage, but a theoretical basis for further research on the development of advanced cyber weapon.