About APT Groups

An advanced persistent threat (APT) is a hidden threat actor, typically a nation state or state-sponsored group, that gains unauthorized access to a computer network and remains undetected for long periods of time.

Around the world, almost every state secretly has its own apt group, which is staffed by cyber criminals and carries out various cyber attacks on the points assigned to them, in short, it is an illegal cyber army.

Notably, the term can also refer to non-state-sponsored groups that carry out large-scale targeted intrusions for specific purposes.

The motivation of such threat actors is usually political or economic. Every major business sector has experienced cyberattacks by advanced actors with specific goals, whether it be to steal, spy, or paralyze systems.

Here is a small list of APT groups that have been identified in the Internet space.

China:

PLA Unit 61398 (APT1)
PLA Unit 61486 (APT2)
Buckeye (APT3)
Red Apollo (APT10)
Numbered Panda (APT12)
DeputyDog (APT17)
Codoso Team (APT19)
Wocao (APT20)
APT 27
PLA Unit 78020 (APT30)
Zirconium (APT31)
Periscope Group (APT40)
Double Dragon (APT41, Winnti Group, Barium, or Axiom names)
Dragonbridge
Hafnium
LightBasin - Also known as UNC1945
Tropic Trooper

Russia:

Fancy Bear (APT28)
Cozy Bear (APT29)
Berserk Bear
FIN7
Gamaredon (also known as Primitive Bear)
Sandworm
Venomous Bear

Iran:

Elfin Team (APT33)
Helix Kitten (APT34)
Charming Kitten (APT35)
Remix Kitten (also known as APT39, ITG07, and Chafer).
Pioneer Kitten

North Korea:

Ricochet Chollima (APT37)
Lazarus Group (also known as APT38 and Hidden Cobra)
Kimsuky