Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered by the company during 2013. The 2013 Advanced Threat Report (ATR) is focused on the advanced persistent threat (APT) evolution, it provides data on means and methods of attackers giving particular attention to state-sponsored operations.
The APT identified are responsible for long term campaigns of high complexity mainly oriented to intellectual property theft, large-scale cyber espionage, and attacks against critical infrastructures.
The experts at FireEye collected data from the FireEye® Dynamic Threat Intelligence™ (DTI) cloud, key figures of the report are:
The experts discovered control server all over the world, a widespread offensive that caused 4,192 incidents. The top APT targets in 2013 includes of course US, South Korea and Canada, surprising is that Canada with US and Germany was hit by the highest number of unique malware families.
To improve the efficiency of their operations the attackers used zero-day exploits mainly targeting Java solutions and Internet Explorer (IE), during 2013 FireEye discovered eleven zero-day attacks. The attacks against the Microsoft browser were used in watering hole attacks against US government websites.
Education, Finance, and High-Tech were the top overall targets as you can note “Government” is not among the top, despite it was targeted by the highest number of unique malware families.
As remarked in conclusion of the Advanced Threat Report (ATR), the landscape of cyber security is rapidly evolving and it’s hard to predict the evolution of cyber threats despite the following trends appear outlined:
Enjoy the reading!
(Security Affairs – APT, 2013 Advanced Threat Report (ATR))