APT Group Attack Method Commonalities Against Critical Infrastructure

Join us for a data-driven webinar on how state and non-state sponsored groups are using Advanced Persistent Threat (APT) tactics to successfully breach critical infrastructure—and the most efficient ways to stop them.

Dr. Ymir Vigfusson, professor of computer science at Emory University, and CTO of Keystrike, has analyzed how APT groups such as Typhoon have consistently exploited identity and access gaps across critical IT and OT systems leading to significant monetary and reputational damages. These breaches led to a dizzying array of new guidelines from federal agencies like NIST, CISA, and the EPA aimed at protecting US critical infrastructure from these emerging and dangerous threats.

This session compares real-world attack patterns against current federal guidance to uncover a critical insight: APT groups continue to succeed—not because defenders lack standards, but because those standards don’t address the attackers’ preferred path.

Fortunately, the research also points to an efficient way to detect and block APTs before they reach sensitive systems.

In this webinar, we’ll cover:
• The most common methods and protocols exploited by state-sponsored attackers and other APT groups
• An analysis of the 2024–2025 best practices for critical infrastructure from CISA, NIST, and the EPA
• The most efficient and effective detection point and method to stop APT groups