APT Lifecycle: Initial Access to Exfiltration

Advanced Persistent Threat (APT) refers to sophisticated, nation-state or well-funded adversaries who conduct long-duration, targeted campaigns. Unlike opportunistic attackers, APTs invest significant resources in specific high-value targets: defense contractors, financial institutions, government agencies.

Lockheed Martin's Cyber Kill Chain describes APT operations in seven phases: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control (C2), and Actions on Objectives. Defenders can disrupt the campaign by breaking any link in the chain.