According to wikipedia, the definitive source of all infosec knowledge, "An advanced persistent threat (APT) is a stealthy computer network threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period."
The takeaway from this is having a strategic vision and long term goals on a network that extend far past the timeline of a snatch and grab or ransomware.
So our requirements to become an APT are:
- Develop our own toolset(s)
- Maintain persistence for long periods of time
- Accomplish a strategic mission.
Sounds simple enough.