Skip to main content

APT threats in Q1 2023 Ancaman APT pada Q1 2023

 According to Kaspersky's APT Q1 2023 report, publishe
d at the end of April 2023, during the first quarter of 2023, APT actors are reported to have developed intense activity.

From this report, it can be seen that the main trends from the first quarter of 2023 are as follows:

-        The established threat actors would continue to develop their tools. In reality, it seems that these are not new attack techniques, but the borrowing by some actors of techniques already developed and used by other actors while new threat actors emerge,

-        They extend the range of programming languages by using Go, Rust and Lua,

-        APT campaigns continue to expand their attack vectors in terms of geographic location: more and more APTs are now targeting victims on a global scale to many countries around the world and they are no longer limited to certain countries,

-        APT actors are looking at a wider range of sectors; they include state institutions and critical infrastructure, government and diplomatic agencies, aviation, energy, manufacturing, real estate, finance, telecommunications, scientific research, information technology and gaming.

-        Geopolitics remains a key driver of APT development, and cyber-espionage remains one of the primary targets of APT campaigns.

It can be concluded that no country and no sector of activity is spared from PTAs.

In terms of protection, if the entities at risk are protected by a state-of-the-art protection system, such as ARCHANGEL 2.0 NGFW, they have nothing to fear because this system effectively stops this type of attack.

Source: https://securelist.com/apt-trends-report-q1-2023/109581/

Ancaman APT pada Q1 2023

Menurut laporan APT Q1 2023 Kaspersky, yang diterbitkan pada akhir April 2023, selama kuartal pertama tahun 2023, para pelaku APT dilaporkan telah mengembangkan aktivitas yang intens.

Dari laporan tersebut terlihat bahwa tren utama dari kuartal pertama tahun 2023 adalah sebagai berikut:

- Pelaku ancaman yang mapan akan terus mengembangkan alat mereka. Pada kenyataannya, tampaknya ini bukan teknik serangan baru, tetapi pinjaman oleh beberapa aktor teknik yang sudah dikembangkan dan digunakan oleh aktor lain sementara aktor ancaman baru muncul,

- Mereka memperluas jangkauan bahasa pemrograman dengan menggunakan Go, Rust dan Lua,

- Kampanye APT terus memperluas vektor serangan mereka dalam hal lokasi geografis: semakin banyak APT sekarang menargetkan korban dalam skala global ke banyak negara di seluruh dunia dan tidak lagi terbatas pada negara tertentu,

- Pelaku APT melihat sektor yang lebih luas; mereka termasuk lembaga negara dan infrastruktur kritis, lembaga pemerintah dan diplomatik, penerbangan, energi, manufaktur, real estat, keuangan, telekomunikasi, penelitian ilmiah, teknologi informasi, dan permainan,

- Geopolitik tetap menjadi pendorong utama pengembangan APT, dan spionase dunia maya tetap menjadi salah satu target utama kampanye APT.

Dapat disimpulkan bahwa tidak ada negara dan sektor kegiatan yang terhindar dari APT.

Dalam hal perlindungan, jika entitas yang berisiko dilindungi oleh sistem perlindungan canggih, seperti ARCHANGEL 2.0 NGFW, mereka tidak perlu takut karena sistem ini secara efektif menghentikan jenis serangan ini.

Sumber: https://securelist.com/apt-trends-report-q1-2023/109581/

CHALLENGE CYBERSECURITY ARCHANGEL INDONESIA intelligententerprise FIREWALL ANCAMAN APT

Comments

Post a Comment

Popular posts from this blog

QUIZZ

The 3 first ones who will give the right answers to the 10 following questions will win a Personal Firewall ARCHANGEL© PICCOLO   1.       What is the relation between the 3 background photos that are on the profile page of Mr. Patrick HOUYOUX President-Director of PT SYDECO? 2.        How many devices does the Firewall of Next Generation ARCHANGEL© 2.0 series SA1470 protect and how many secure tunnels does it create? 3.       What is the price of a one-year licence that a user of ARCHANGEL© PICCOLO will have to pay to continue protecting his or her IT installations from the second year onwards? 4.       What are the three programs which are housed in a single server that enable PT SYDECO's Integrated Protection System, to protect data at all times? 5.       Can PICCOLO protect a Smartphone? 6.       When (D/M/Y) did PT SYDECO signed a MOU with the Faculty of Engineering of University Gadjah Mada Yogyakarta? 7.    What are the three main features that make SydeCloud©, PT SYDECO'
Post a Comment
Read more

A lesson in cyber safety

In an article published on 19 June 2023 in globalsecuritymag.fr/, Benoit Grunemwald, cybersecurity expert at ESET France, recounts the cyberattack suffered by REDDIT, an American social news aggregation, content rating, and discussion website, in February of the same year, and draws some lessons from it. This article follows the hackers' attempts, last repeated on 16 June, to obtain a ransom of 4.5 million dollars in order to delete the 80 GB of data stolen from the company, to which the company did not respond. The data was not encrypted, so the company did not lose it. However, the same cannot be said for its reputation.  Benoit Grunemwald explains that " It all started with a phishing email to harvest employee account data. All it takes is for a single employee to be trapped for cyber criminals to gain access to internal documents, software code, employee data , etc." He goes on to stress the " need to integrate in-depth security methods and resources, such as zer
Post a Comment
Read more

BOT attacks: a growing threat on the Internet

Bot attacks , the malicious and damaging use of automated computer programs known as bots (or BOTS), have become a growing concern and a pervasive reality in the modern digital landscape. BOTS, or software robots, are automated programs originally designed to perform tasks on the Internet without human intervention. Unfortunately, hackers have also managed to turn them into a hacking technique, created with malicious intent, to manipulate, defraud or disrupt a site, application, API or users, potentially causing enormous damage to businesses and users, compromising the security of systems and data. To carry out their BOTS attacks, the majority of hackers use software called botkits, which are freely available online and sold on the Dark Web. Vendors of this type of software also offer paid services to carry out BOT attacks, including software to power DDoS attacks. BOT attacks include, but are not limited to,  Email Spam , which is used to send spam emails containing malicious software
Post a Comment
Read more