FireEye Inc Advanced Threat Report
MALAYSIA (20 August 2014) — FireEye, Inc., the leader in stopping today’s advanced cyber attacks, today announced the release of its Advanced Threat Report for the Asia Pacific region. Detailing malicious activities captured by the FireEye Security Platform throughout the first six months of 2014, the report finds the region is more frequently attacked by various advanced persistent threat (APT) actors than the global average. Additionally, Malaysia was one of the top 10 countries exposed to advanced persistent threats in the region, with variants from the malware families DarkComet and Mirage being used in more than 50 percent of the attacks.
Top Countries With Advanced Persistent Threat (APT) Activity In Asia Pacific and Japan
- South Korea
- Hong Kong
From the report ASEAN saw specific threat activity:
- Within ASEAN, both Singapore and Thailand were below the regional average at 41 percent and 39 percent respectively, with other key countries like Indonesia and Malaysia seeing less exposure to advanced threats. However, this is still above the global average of 36 percent.
- Governments in Southeast Asia are a major target of a variety of APT malware.
- Mirage has been known to be used for specific purposes in Asia, often employing legitimate decoy documents that are related to regional events such as ASEAN summits, Asia-Pacific Economic Cooperation (APEC) summits, energy exploration, or military affairs.
- Malware in other APT attacks has been seen contacting C2 servers located in Germany, Canada, Singapore and Romania.
Drawing on data gathered from unique cyber and malware command and control (CnC) communications, the Advanced Threat Report (ATR) provides a look into cyber attacks that routinely bypass traditional defenses such as firewalls, next-generation firewalls, IPS, anti-virus, and security gateways. Some of the key findings from the Regional ATR for the Asian Pacific region based on the data gathered by FireEye include:
The following verticals were the top five most targeted by APT attacks in 2013:
- Services / Consulting / VAR – 19.8 percent
- Government – 13.5 percent
- High-tech – 13 percent
- Entertainment / Media / Hospitality – 10.2 percent
- Telecom – 9.2 percent