- ITDM 2025 전망 | 금융 플랫폼 성패, 지속가능한 사업 가치 창출에 달렸다” KB국민카드 이호준 그룹장
- “고객경험 개선하고 비용은 절감, AI 기반까지 마련” · · · AIA생명의 CCM 프로젝트 사례
- 2025年、CIOはAIに意欲的に投資する - そしてその先も
- The best robot vacuums for pet hair of 2024: Expert tested and reviewed
- These Sony headphones eased my XM5 envy with all-day comfort and plenty of bass
APT Groups Expand Reach to New Industries and Geographies
An increasing number of advanced persistent threat (APT) groups have been updating their toolsets and exploring new attack vectors in terms of both locations and target industries.
The findings come from Kaspersky’s latest APT trends report for the first quarter of 2023. It suggests known threats such as Turla, MuddyWater, Winnti, Lazarus and ScarCruft have regularly updated their tools.
The report also mentions campaigns from newly discovered threat actors like Trila.
In terms of programming languages used by these groups, Go, Rust and Lua have been particularly prominent.
Malicious campaigns from these actors have been geographically dispersed.
“This quarter, we have seen actors focus their attacks on Europe, the US, the Middle East and various parts of Asia,” Kaspersky wrote.
MuddyWater is mentioned directly in the report as an actor that previously preferred targeting Middle Eastern and North African entities and has expanded its activity to Azerbaijan, Armenia, Malaysia and Canada.
Read more on MuddyWater here: MuddyWater Uses SimpleHelp to Target Critical Infrastructure Firms
The same goes for targets, according to Kaspersky: “They include government and diplomatic bodies, aviation, energy, manufacturing, real estate, finance, telecoms, scientific research, IT and gaming sectors,” the company wrote.
Most of the attacks targeting these entities were reportedly political.
“Geo-politics remains a key driver of APT development, and cyber-espionage continues to be a prime goal of APT campaigns.”
Commenting on the findings, David Emm, a principal security researcher at Kaspersky’s Global Research and Analysis Team (GReAT), said some distinct trends are emerging in the APT landscape.
“While we have been tracking the same APT actors for decades, it’s clear they are continually evolving with new techniques and toolsets,” the executive explained.
“Organizations must remain vigilant and ensure they are equipped with threat intelligence and the appropriate tools to defend against existing and emerging threats.”
A fitting example of these shifting tactics has been observed recently in Russian hackers, who have started focusing on espionage campaigns in Ukraine.