Litcius/Paper detail

Cyber Security and APT Groups

Ladislav Buřita, Thao Le Dinh

202112 citationsDOI

Abstract

This research aims to describe and analyse APT (Advanced Persistent Thread) groups and their activities. Information was taken from articles, reports, and studies; published by organizations dealing with cybersecurity. APT groups often operate in state sponsorship, but could also be sponsored by a company to obtain sensitive information about their competitors. The term APT is explained and then described in detail. The well-known APT groups from China, Russia, North Korea and Iran are included. The main goal of APT activities is espionage, financial gain, intelligent property theft, and sabotage. The life cycle of the APT attack is analysed and discussed. In the paper are compared four life cycle examples; they are divided into phases, from five to ten. The initial phase of all life cycles is „reconnaissance”. It determines the success of the attack and, of course, the reliability of the defence. The future research of APT groups is mentioned.

Topics & Concepts

Computer scienceComputer securityInformation and Cyber SecurityNetwork Security and Intrusion DetectionCybersecurity and Cyber Warfare Studies