This is a type of attack that happens when a hacker gains access to a network and remains undetected for a long period of time, often monitoring activities, gathering confidential data, installing malwares and ransomwares so as to compromise more devices. The attacker can have access to the system for a long period of time without being detected, and this allows them gain access to large amount of data. When they finally launch the attack, it is usually massive because they have gathered enough data to cause huge damages.
Because of the duration it takes to plan and execute this kind of attack, it often costs the hackers a lot in time and money. This attack is usually carried out by state-actors or well-funded criminal organizations. The target is usually to steal sensitive information or disrupt business operations.
It is important to have an anti-virus software that is updated and capable of monitoring the network for suspicious activities. Some of the suspicious activities could be unusual network traffic or unexpected changes in system configurations. Whenever these are detected without any reasonable explanation to it, change every passwords or put the system on a lockdown mode such that no one could gain access for a period of time.
It is also recommended to implement network segmentation as this would prevent any attacker that manages to gain access to the network from being able to access every part of the network and sensitive data.
There has to be a policy on change of passwords across all levels. A change of password is capable of terminating whatever field day the attacker was already having. The passwords must also follow some set of rules such that it would be very difficult to guess correctly. A difficult to guess password must be up to 8 characters long, contain at least an uppercase character, a lowercase characters, a number and a symbol.
Regular security assessments such as penetration testing must be conducted every once in a while by ethical hackers, to determine if there are any vulnerabilities that needs patching.