Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help Locally
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Contact Us
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
  2. Topics
  3. Cyber Threats and Advisories
Share:
An abstract image of the globe with cyber elements

Advanced Persistent Threats

CISA can help individuals and organizations enhance network, device, and online safety to defend against advanced persistent threats.

Cyber Threats and Advisories

  • Malware, Phishing, and Ransomware
  • Incident Detection, Response, and Prevention
  • Information Sharing
  • Securing Networks
  • Advanced Persistent Threats

Overview  

An advanced persistent threat (APT) works to access computer networks and systems without being detected or noticed. These threats, sometimes enacted by a nation state or state-sponsored group, can steal private information, damage IT systems and disrupt the function of vital systems. Defending against Advanced Persistent Threats is a difficult task as they act stealthily, and their intrusions can be hard to recognize.

CISA’s Role   

CISA provides a holistic approach to defending against advanced persistent threats. CISA offers tools, assessments, and services to enhance network, device, and online safety for both individuals and organizations. CISA coordinates information sharing to spread awareness of vulnerabilities, strategies for defense, and potential threats. CISA also offers tools and expertise needed to response to events once they have been detected. By shoring up cybersecurity practices across our nation, we protect ourselves from dangerous advanced persistent threats.

Featured Content

Shields Up

Stay Shields Up! to prepare for, respond to, and mitigate the impact of cyber-attacks. CISA is here to support you and your cybersecurity needs with expert resources, tools, and services to protect you from cyber threats. 

Joint Cyber Defense Collaborative

JCDC promotes national resilience by coordinating actions across federal agencies; state, local, tribal, and territorial partners; and private sector entities to identify, protect against, detect, and respond to malicious cyber activity.

CISA in Action

Discover the latest security tips and how CISA is keeping protect our nation against advanced persistent threats.

View All Cyber Threats and Advisories News

Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets

OCT 22, 2020 | CYBERSECURITY ADVISORY | AA20-296A
This joint cybersecurity advisory—written by the FBi and CISA—provides information on Russian state-sponsored advanced persistent threat actor activity targeting various U.S. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks.

Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

DEC 17, 2020 | CYBERSECURITY ADVISORY | AA20-352A
CISA is aware of compromises of US government agencies, critical infrastructure entities, and private sector organizations by an advanced persistent threat actor beginning in at least March 2020.

Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

OCT 30, 2020 | CYBERSECURITY ADVISORY | AA20-304A
CISA and the FBI are aware of an Iranian advanced persistent threat actor targeting US state websites, including election websites. CISA and the FBI assess this actor disseminated voter intimidation emails to US citizens and US election-related disinformation in mid-October 2020.

Advanced Persistent Threat Actors Targeting U.S. Think Tanks

DEC 01, 2020 | CYBERSECURITY ADVISORY | AA20-336A
CISA and the FBI have observed persistent continued cyber intrusions by advanced persistent threat actors targeting U.S. think tanks, often (but not exclusively) directed at individuals and organizations that focus on international affairs or national security policy.
View All Cyber Threats and Advisories News

Resources, Tools, and Publications

CISA offers guides, tools, and other resources to protect against advanced persistent threats.

View All Cyber Threats and Advisories Resources

Advanced Persistent Threat Actors Targeting U.S. Think Tanks

DEC 01, 2020 | CYBERSECURITY ADVISORY | AA20-336A
CISA and the FBI have observed persistent continued cyber intrusions by advanced persistent threat actors targeting U.S. think tanks, often (but not exclusively) directed at individuals and organizations that focus on international affairs or national security policy.

APT Groups Target Healthcare and Essential Services

MAY 05, 2020 | CYBERSECURITY ADVISORY | AA20-126A
CISA and NCSC continue to see indications that advanced persistent threat groups are exploiting the COVID-2019 pandemic as part of their cyber operations. This alert highlights ongoing activity against organizations involved in both national and international COVID-19 response.

APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations

OCT 09, 2020 | CYBERSECURITY ADVISORY | AA20-283A
CISA has observed advanced persistent threat actors exploiting multiple legacy vulnerabilities in combination with a newer privilege escalation vulnerability in Windows Netlogon. "Vulnerability chaining" exploits multiple vulnerabilities in the course of a single intrusion.

Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure

PUBLICATION
This CISA Insights provides critical infrastructure owners and operators with guidance on how identity and mitigate the risks of influence operations.
Download File (PDF, 411.55 KB)
View All Cyber Threats and Advisories Resources

Contact Us

Need CISA's help but don't know where to start?

Organizations can also report anomalous cyber activity and/or cyber incidents 24/7 to report@cisa.gov or (888) 282-0870.

Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • The White House
  • USA.gov
  • Website Feedback