An Advanced Persistent Threat (APT) is defined in the NIST SP 800-172 publication as an adversary that has the resources and expertise to attack systems through different attack vectors. Channels of attack may include cyber threats, physical system access, or deception campaigns. APTs could be state-sponsored attacks with the aim of gaining sensitive information or simply disrupting critical services.
An attack by an APT will often be complex, reactive to the organization’s defenses, and take place over an extended period of time. Access may not be instantly detected, as an APT’s objective could be to gain access to a system in preparation for future attacks or data breaches.
CUI related to critical government programs or high-value federal assets is an attractive target for APT groups. In these instances, CUI could be leveraged for ransom or stolen to compromise critical programs, systems or government objectives. NIST SP 800-172’s introduction is intended to make it harder for attackers and, in doing so, make the federal supply chain more resilient.