Advanced Persistent Threats — Prelims Strategy

For Prelims preparation on APTs, focus on memorizing key definitions, characteristics, and factual information about major APT groups and their attributions. Create a comparison chart between APTs and other cyber threats (ransomware, malware, DDoS) highlighting duration, objectives, and sophistication levels.

Memorize specific legal provisions including IT Act sections 43A and 66F, and understand Article 355's application to cyber threats. Study major APT groups targeting India: APT1 (China/PLA Unit 61398), Lazarus Group (North Korea), Cozy Bear and Fancy Bear (Russia).

Remember key institutions: CERT-In, NCIIPC, and their specific roles. Practice elimination techniques by understanding common traps: confusing APTs with ransomware (immediate vs persistent), mixing up attribution (state-sponsored vs criminal), and misunderstanding legal frameworks.

Focus on current affairs connections, particularly recent cyber incidents affecting Indian infrastructure. Use the PERSIST mnemonic for APT characteristics: Persistent, Evasive, Resource-rich, Sophisticated, Intelligence-focused, Stealthy, Targeted.

Pay attention to technical terms like 'living off the land,' 'lateral movement,' and 'zero-day exploits' as these frequently appear in options. Review international cooperation frameworks and bilateral cyber security dialogues as factual questions often test knowledge of specific agreements and partnerships.