An attacker establishes themselves on a system in such a way to enable the stealing of data over time. What kind of attack is this?

The scenario describes an attacker who embeds themselves within a system to exfiltrate data over an extended period. This behavior aligns closely with Advanced Persistent Threats (APTs).

APTs are characterized by a prolonged and targeted approach, where attackers gain initial access to a system and maintain that access over time, often using it to steal sensitive information gradually. These threats often involve sophisticated techniques, lateral movements within networks, and the ability to avoid detection while they persist in the environment.

In contrast, other types of attacks, such as Data Breaches, typically indicate one-off incidents where data is stolen without the prolonged level of access described. Malicious Insiders refer to individuals within an organization who misuse their access for harmful purposes, which does not reflect the external persistence suggested in the question. Account Hijacking involves taking over a legitimate user’s account but does not imply the patient, ongoing access characteristic of APTs.

Therefore, the correct identification of the attack as an Advanced Persistent Threat highlights the methodical approach of the attacker in establishing a foothold in the system and consistently stealing data over time.