DEV Community

zerogru

Advanced Persistent Threat (APT) Definition

1. Look for Information (Reconnaissance)
   - Find out who works at the company.
   - Learn what systems they use.
   - Search online for useful details (email addresses, software in use, etc.).

2. Break In (Initial Access)
   - Send phishing emails with malicious links or attachments.
   - Exploit a weak or unprotected system.
   - Use stolen passwords if available.

3. Stay Inside (Persistence)
   - Install tools that allow the attacker to get back in later.
   - Set up hidden ways to reconnect (such as backdoors).
   - Make sure access survives a system restart.

4. Get More Power (Privilege Escalation)
   - Find ways to become an administrator.
   - Take over accounts with more access.

5. Explore the Network (Internal Reconnaissance)
   - Look around to see what other computers are connected.
   - Find important data or systems.

6. Move Around (Lateral Movement)
   - Use the current access to reach more systems.
   - Try to reach the most valuable targets (such as servers or data storage).

7. Steal Data (Exfiltration)
   - Collect important files or information.
   - Send the data out without being noticed.

8. Hide Evidence (Covering Tracks)
   - Erase logs and other signs of the attack.
   - Use methods that make the attack hard to trace.