Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered by the company during 2013. The 2013 Advanced Threat Report (ATR) is focused on the advanced persistent threat (APT) evolution, it provides data on means and methods of attackers giving particular attention to state-sponsored operations.
The APT identified are responsible for long term campaigns of high complexity mainly oriented to intellectual property theft, large-scale cyber espionage, and attacks against critical infrastructures.
The experts at FireEye collected data from the FireEye® Dynamic Threat Intelligence™ (DTI) cloud, key figures of the report are:
The experts discovered control server all over the world, a widespread offensive that caused 4,192 incidents. The top APT targets in 2013 includes of course US, South Korea and Canada, surprising is that Canada with US and Germany was hit by the highest number of unique malware families.
To improve the efficiency of their operations the attackers used zero-day exploits mainly targeting Java solutions and Internet Explorer (IE), during 2013 FireEye discovered eleven zero-day attacks. The attacks against the Microsoft browser were used in watering hole attacks against US government websites.
Education, Finance, and High-Tech were the top overall targets as you can note “Government” is not among the top, despite it was targeted by the highest number of unique malware families.
As remarked in conclusion of the Advanced Threat Report (ATR), the landscape of cyber security is rapidly evolving and it’s hard to predict the evolution of cyber threats despite the following trends appear outlined:
Enjoy the reading!
(Security Affairs – APT, 2013 Advanced Threat Report (ATR))
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.