
JAKARTA - Kaspersky has just released its Advanced Persistent Threat (APT) report, which reveals busy APT activity in the first quarter of 2023, with a mix of advanced new actors involved in various campaigns.

The report shows that, so far, APT actors have been busy updating their tools and expanding their attack vectors, both in terms of geographic location and target industries.

During the first three months of 2023, Kaspersky researchers discovered new trends in the tools, techniques, and campaigns launched by APT groups in cyberattacks around the world. Some of these trends are as follows:

Recent techniques and updated tools

In Q1 2023, Kaspersky researchers saw that well-known threat actors such as Turla, MuddyWater, Winnti, Lazarus, and ScarCruft continued to develop their tools. For example, Turla was seen using the TunnusSched backdoor, a tool that is relatively unusual for this group and is known to be used by Tomiris. This shows how advanced APT actors are able to adapt and develop their tactics to stay ahead of the game.

More and more industries are being targeted by APT actors

APT actors continue to expand beyond their traditional victims, such as state institutions and high-profile targets, and are now starting to target the aviation, energy, manufacturing, real estate, finance, telecommunications, scientific research, IT, and gaming sectors, because these sectors hold large amounts of data that serve strategic requirements related to national priorities.

Geographic expansion

Furthermore, Kaspersky experts are also witnessing advanced APT actors launching attacks with a focus on Europe, the United States, the Middle East, and various parts of Asia. While most of these actors previously targeted victims in specific countries, more and more APTs are now targeting victims globally.

For example, MuddyWater, a threat actor that previously showed a preference for targeting Middle Eastern and North African entities, has expanded its malicious activities to organizations in Azerbaijan, Armenia, Malaysia, and Canada, in addition to previous targets in Saudi Arabia, Turkey, the United Arab Emirates, Egypt, Jordan, Bahrain, and Kuwait.

"Organizations must remain vigilant and ensure they are equipped with comprehensive threat intelligence and tools to fortify themselves from both existing and new threats," said David Emm, principal security researcher at Kaspersky's Global Research and Analysis Team (GReAT), in a written statement received in Jakarta.

