APTs are often conducted in campaigns—a series of failed and successful attempts over time to get deeper and deeper into a target’s network—and are thus not isolated incidents. In addition, while malware are typically used as attack tools, the real threat is the involvement of human operators who will adapt, adjust, and improve their methods depending on their intended targets.