There is absolutely differing levels of sophistication in cyber attacks. The presence of new exploits, clever persistence mechanisms, evidence of a staged attack involving multiple targets (i.e. attacking a company through a compromised vendor, using a certificate from a prior breach), ability to break out of security boundaries like hypervisors, custom malware, jumping of air gaps, handling of multi-factor authentication, clever use and depth of renaissance, ability to change tactics in response to detection, specialization across multiple security contexts, highly scoped and pre-planned operations; these are some things that suggest higher levels of sophistication.
Unfortunately the term is thrown around pretty loosely, limiting the usefulness of the term.
Unfortunately the term is thrown around pretty loosely, limiting the usefulness of the term.