Talk:Advanced persistent threat

This article is rated B-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

China Mid‑importance China portal This article is within the scope of WikiProject China, a collaborative effort to improve the coverage of China related articles on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Mid This article has been rated as Mid-importance on the project's importance scale. Computer Security: Computing High‑importance This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. High This article has been rated as High-importance on the project's importance scale. This article is supported by WikiProject Computing. Things you can help WikiProject Computer Security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here. Espionage High‑importance Advanced persistent threat is within the scope of WikiProject Espionage, which aims to improve Wikipedia's coverage of espionage, intelligence, and related topics. If you would like to participate, visit the project page, or contribute to the discussion. High This article has been rated as High-importance on the project's importance scale. Iran Low‑importance Iran portal This article is within the scope of WikiProject Iran, an attempt to build a comprehensive and detailed guide to articles related to Iran on Wikipedia. If you would like to participate, please join the project where you can contribute to the discussions and help with our open tasks. Low This article has been rated as Low-importance on the project's importance scale. Israel Low‑importance Israel portal This article is within the scope of WikiProject Israel, a collaborative effort to improve the coverage of Israel on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Low This article has been rated as Low-importance on the project's importance scale. Project Israel To Do: edit history watch purge Here are some tasks awaiting attention: Assess : Rate the Unassessed Israel-related articles and Unknown-importance Israel-related articles. Categorization : Diffuse articles from Category:Companies of Israel. Cleanup : Cleanup listing for this project is available. See also the list by category and the tool's wiki page. Collaborate : Participate in WikiProject Israel Palestine Collaboration. Copyedit : Timeline of the Israeli–Palestinian conflict in 2005 Deletion sorting : Participate in discussions at WikiProject Deletion sorting/Israel. Expand : Ayala Procaccia, Diamond industry in Israel, Edna Arbel, Levin Kipnis, Rami Kleinstein, Sephardic Haredim, Zman Tel Aviv, Nachum Heiman, Public Defence (Israel), Prisoner of Zion, Trial of Benjamin Netanyahu, Day to Mark the Departure and Expulsion of Jews from the Arab Countries and Iran, Pre-Modern Aliyah See also Articles needing translation from Hebrew Wikipedia. Geographical coordinates : Add geographic coordinates to Israel articles missing geocoordinate data. Infobox : Add infoboxes to Israel articles needing infoboxes. Maintain : See Israel articles needing attention. Map : See discussion at Module:Location map/data/Israel. Add maps to articles in Wikipedia requested maps in Israel. NPOV : Jewish exodus from Arab and Muslim countries Photo : Add pictures to articles in Wikipedia requested photographs in Israel. Stubs : See Israel stubs. Update : Basic Law proposal: Israel as the Nation-State of the Jewish People Other : Translate to Hebrew : David Bar-Hayim, Guy Bavli, and Guy Oseary. Merge Nahal Rafiah (draft, heb) into Nahal as requested by Wikipedia authority Korea Low‑importance This article is within the scope of WikiProject Korea, a collaborative effort to build and improve articles related to Korea. All interested editors are invited to join the project and contribute to the discussion. For instructions on how use this banner, please refer to the documentation. Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject North Korea. Russia Low‑importance Russia portal This article is within the scope of WikiProject Russia, a WikiProject dedicated to coverage of Russia on Wikipedia. To participate: Feel free to edit the article attached to this page, join up at the project page, or contribute to the project discussion. Low This article has been rated as Low-importance on the project's importance scale. United States Low‑importance United States portal This article is within the scope of WikiProject United States, a collaborative effort to improve the coverage of topics relating to the United States of America on Wikipedia. If you would like to participate, please visit the project page, where you can join the ongoing discussions. Template Usage Articles Requested! Become a Member Project Talk Alerts Low This article has been rated as Low-importance on the project's importance scale. Vietnam Low‑importance Vietnam portal This article is part of WikiProject Vietnam, an attempt to create a comprehensive, neutral, and accurate representation of Vietnam on Wikipedia. If you would like to participate, please visit the project page. Low This article has been rated as Low-importance on the project's importance scale. Central Asia: Uzbekistan Low‑importance Asia portal Advanced persistent threat is part of WikiProject Central Asia, a project to improve all Central Asia-related articles. This includes but is not limited to Afghanistan, Kazakhstan, Kyrgyzstan, Mongolia, Tajikistan, Tibet, Turkmenistan, Uzbekistan, Xinjiang and Central Asian portions of Iran, Pakistan and Russia, region-specific topics, and anything else related to Central Asia. If you would like to help improve this and other Central Asia-related articles, please join the project. All interested editors are welcome. Low This article has been rated as Low-importance on the project's importance scale. Uzbekistan portal This article is supported by WikiProject Uzbekistan (assessed as Low-importance). Internet Low‑importance Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks. Low This article has been rated as Low-importance on the project's importance scale.

Wiki Education Foundation-supported course assignment

Latest comment: 2 years ago1 comment1 person in discussion

  This article was the subject of a Wiki Education Foundation-supported course assignment, between 17 May 2021 and 31 July 2021. Further details are available on the course page. Student editor(s): Dephiant08. Peer reviewers: Dephiant08, Fconteh02.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 13:28, 16 January 2022 (UTC)Reply

Intro is hackey

Latest comment: 8 years ago2 comments2 people in discussion

Please improve the first paragraph.

It is amateurish, especially the use of the term "hacking processes". The term "hacking" used in a network security context should be reserved for the popular press, and for street talk, not for formal writing nor a precise definition.

It is an exact copy from the reference text. The reference seems questionable to me, I am not sure of the process of determining a good authoritative reference, but this doesn't seem like one.

A better intro might come from here: http://searchsecurity.techtarget.com/definition/advanced-persistent-threat-APT

Sorry, I don't feel competition enough of an editor to make the change myself. Dlotts (talk) 21:12, 18 March 2014 (UTC)Reply

--Totally agree 31.22.0.74 (talk) 10:16, 22 May 2015 (UTC)Reply

Usage question

Latest comment: 10 years ago2 comments2 people in discussion

In this blog post, Richard Bejtlich writes: "APT is not an effort -- it's a proper noun, i.e., a specific party." This seems to mean that saying "APT" is not like saying "organized crime", it's like saying "the Mafia" -- the name of a specific organization. Thoughts? --FOo (talk) 07:09, 17 April 2010 (UTC)Reply

That's because historically APT was, and possibly still is used to refer to a specific actor (i.e. a person, group, or country) that was seen to be attacking the USA. Marketing caught on to the military term and started to use it to help market products, this lead to a lot of confusion and twisting of what APT is/means.

So it depends on the context that APT is being used: - - If it's a press release from a company that got compromised, it means it was any attack that they failed to stop (either attack was sophisticated or because their defences were weak, they imply the former but it could well be the latter). - If it's the US military then it may be a particular threat actor. - If it's marketing/sales they are trying to hype there product to say it can stop the attacks that have been engineered to bypass all the other defences (e.g. their competitors' products). — Preceding unsigned comment added by 124.169.137.63 (talk) 13:07, 4 June 2013 (UTC)Reply

Capitalization

Latest comment: 12 years ago2 comments1 person in discussion

The title of this article should be "Advanced persistent threat". I would move the article, but it looks like moving articles became a special permission at some point when I wasn't paying attention. modify 03:56, 28 August 2011 (UTC)Reply

Never mind -- found the move link hiding in a dropdown UI element. modify 04:17, 28 August 2011 (UTC)Reply

Completely incorrect

Latest comment: 10 years ago1 comment1 person in discussion

This article is completely incorrect. ADT refers to the malware, not the authors. — Preceding unsigned comment added by 194.80.66.187 (talk) 11:10, 23 January 2014 (UTC)Reply

Doesn't explain much

Latest comment: 9 years ago1 comment1 person in discussion

What's all the "process" stuff in the first paragraph? "Process" has many different meanings depending on context, but it is unclear which one is used here.

The "Characteristics" section doesn't give any characteristics that distinguish APT from other computer threats. For instance, "Actions – The precise actions of a threat or numerous threats". So APT has actions, but so does any other threat. To make this a characteristic you have to explain what is special about the actions of APT vs non-APT threats. This section looks like bullet points copied from a Powerpoint presentation, but without the talk that the original presenter gave. 108.234.224.230 (talk) 21:50, 1 December 2014 (UTC)Reply

External links modified

Latest comment: 7 years ago1 comment1 person in discussion

Hello fellow Wikipedians,

I have just modified one external link on Advanced persistent threat. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20110418080952/http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm to http://www.businessweek.com/magazine/content/08_16/b4080032218430.htm

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 20:45, 4 October 2016 (UTC)Reply

NPOV text

Latest comment: 5 years ago2 comments1 person in discussion

Regarding the beginning of this passage:

A common misconception[who?] associated with the APT is that the APT only targets Western governments. While examples of technological APTs against Western governments may be more publicized in the West, actors in many nations have used cyberspace as a means to gather intelligence on individuals and groups of individuals of interest.[11][12][13] The United States Cyber Command is tasked with coordinating the US military's offensive and defensive cyber operations.

Someone has already added a "who" tag but I think the text shouldn't remain as it stands. Maybe NPOV isn't precisely the right description for the problem of this text, but either way it seems to be making an overly large and unfounded assumption. Unless someone clears it up or opposes it, I will remove or at least trim down this text later this week or next. Thanks. 60.248.185.19 (talk) 07:54, 12 July 2018 (UTC)Reply

Done.60.248.185.19 (talk) 01:12, 17 July 2018 (UTC)Reply

Article Request

I just placed the APT10 link inside thanks.

• https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-cloud-hopper-what-you-need-to-know</ref>
• https://www.fireeye.com/blog/threat-research/2018/09/apt10-targeting-japanese-corporations-using-updated-ttps.html</ref>
• https://www.fireeye.com/blog/threat-research/2017/04/apt10_menupass_grou.html</ref>
• https://www.wired.com/story/doj-indictment-chinese-hackers-apt10/</ref>

^[1]

• https://www.google.com/search?ei=HiMYXcuvMIrj_AaIq58Y&q=navy+personnel+breach&oq=navy+personnel+breach&gs_l=psy-ab.3...2333.7206..7468...2.0..0.230.2201.17j3j3......0....1..gws-wiz.......0i71j0i131j0j0i10j0i22i30j33i160.jyLIoJGyjkg</ref>
• https://www.google.com/search?source=hp&ei=iSMYXfvgC4u85gKp0bgg&q=operation+cloud+hopper&oq=operation+cloud+&gs_l=psy-ab.3.0.0j0i10j0l5.574.3402..4230...0.0..0.71.919.16......0....1..gws-wiz.....0..0i131.uYUxdHHi4RM</ref>

APT10 Redirect

I made a page here. For signed in users going to APT 10 this is not the formal page

References

1. https://www.cyberscoop.com/chinese-linked-apt10-has-been-active-in-the-philippines-researchers-say/

Article Request:APT3

Latest comment: 4 years ago1 comment1 person in discussion

Article Request--Personisgaming (talk) 13:50, 29 September 2019 (UTC)Reply

https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit

Section on Mandiant's UNC designation

Latest comment: 2 years ago1 comment1 person in discussion

Should something be said in this article about Mandiant's designation of groups as UNC for uncategorized? It's a small detail, but that information is currently not found anywhere on Wikipedia except in the Ghostwriter (hacker group) article, which I myself added. Somers-all-the-time (talk) 04:47, 7 March 2022 (UTC)Reply