May 19, 2011
A short definition of APT (Advanced Persistent Threat)

There has been a lot of discussion about APT (Advanced Persistent Threat) attacks. Many abuse the term to describe any sufficiently advanced attack, regardless of the attacker's motives, as long as the attacked party is a high-profile company or any organization that can get the information security community’s attention.

Please note that, depending on whom you ask, "sufficiently advanced" is a very fuzzy qualifier and must not be considered a valid definition, given the bias that the involved parties introduce, voluntarily or not.

That said, I believe that all APT attacks share something in common, as written on page 69 of the IBM X-Force 2010 Trend and Risk Report:

the key is that the attacker is dedicated to maintaining a persistent capability to extract data.

Another good and far more complete definition of APT was proposed by Richard Bejtlich in early 2010. Richard now works for MANDIANT, a company that seems to have extensive experience in dealing with such attacks.
