Skip to main content

APT threats in Q1 2023 Ancaman APT pada Q1 2023

 According to Kaspersky's APT Q1 2023 report, publishe
d at the end of April 2023, during the first quarter of 2023, APT actors are reported to have developed intense activity.

From this report, it can be seen that the main trends from the first quarter of 2023 are as follows:

-        The established threat actors would continue to develop their tools. In reality, it seems that these are not new attack techniques, but the borrowing by some actors of techniques already developed and used by other actors while new threat actors emerge,

-        They extend the range of programming languages by using Go, Rust and Lua,

-        APT campaigns continue to expand their attack vectors in terms of geographic location: more and more APTs are now targeting victims on a global scale to many countries around the world and they are no longer limited to certain countries,

-        APT actors are looking at a wider range of sectors; they include state institutions and critical infrastructure, government and diplomatic agencies, aviation, energy, manufacturing, real estate, finance, telecommunications, scientific research, information technology and gaming.

-        Geopolitics remains a key driver of APT development, and cyber-espionage remains one of the primary targets of APT campaigns.

It can be concluded that no country and no sector of activity is spared from PTAs.

In terms of protection, if the entities at risk are protected by a state-of-the-art protection system, such as ARCHANGEL 2.0 NGFW, they have nothing to fear because this system effectively stops this type of attack.

Source: https://securelist.com/apt-trends-report-q1-2023/109581/

Ancaman APT pada Q1 2023

Menurut laporan APT Q1 2023 Kaspersky, yang diterbitkan pada akhir April 2023, selama kuartal pertama tahun 2023, para pelaku APT dilaporkan telah mengembangkan aktivitas yang intens.

Dari laporan tersebut terlihat bahwa tren utama dari kuartal pertama tahun 2023 adalah sebagai berikut:

- Pelaku ancaman yang mapan akan terus mengembangkan alat mereka. Pada kenyataannya, tampaknya ini bukan teknik serangan baru, tetapi pinjaman oleh beberapa aktor teknik yang sudah dikembangkan dan digunakan oleh aktor lain sementara aktor ancaman baru muncul,

- Mereka memperluas jangkauan bahasa pemrograman dengan menggunakan Go, Rust dan Lua,

- Kampanye APT terus memperluas vektor serangan mereka dalam hal lokasi geografis: semakin banyak APT sekarang menargetkan korban dalam skala global ke banyak negara di seluruh dunia dan tidak lagi terbatas pada negara tertentu,

- Pelaku APT melihat sektor yang lebih luas; mereka termasuk lembaga negara dan infrastruktur kritis, lembaga pemerintah dan diplomatik, penerbangan, energi, manufaktur, real estat, keuangan, telekomunikasi, penelitian ilmiah, teknologi informasi, dan permainan,

- Geopolitik tetap menjadi pendorong utama pengembangan APT, dan spionase dunia maya tetap menjadi salah satu target utama kampanye APT.

Dapat disimpulkan bahwa tidak ada negara dan sektor kegiatan yang terhindar dari APT.

Dalam hal perlindungan, jika entitas yang berisiko dilindungi oleh sistem perlindungan canggih, seperti ARCHANGEL 2.0 NGFW, mereka tidak perlu takut karena sistem ini secara efektif menghentikan jenis serangan ini.

Sumber: https://securelist.com/apt-trends-report-q1-2023/109581/

CHALLENGE CYBERSECURITY ARCHANGEL INDONESIA intelligententerprise FIREWALL ANCAMAN APT

Comments

Post a Comment

Popular posts from this blog

 Hospital Security in Question In a recent article titled "Cyberattacks: Public and Private Hospitals, Is the Worst Yet to Come?", Jean-Michel Tavernier1 provides a detailed analysis of why the medical sector is a prime target for hackers. He highlights the vulnerabilities that allow hackers to access sensitive data such as medical records, insurance information, and payment details. The compromise of this data can have severe consequences for individuals' privacy, financial security, and even personal safety, not to mention the financial damage to institutions and the risks to the quality of care provided to patients. System Vulnerabilities Tavernier points to the "excessive interdependence of the entire healthcare chain." Hospitals collaborate with a multitude of interconnected providers and partners, creating numerous opportunities for attackers. He suggests managing the attack surface (ASM), which means controlling and securing all entry points where unautho...
Post a Comment
Read more

KEUANGAN & DATA PRIBADI PEMAIN GAME ONLINE DALAM BAHAYA

Melindungi Gamer Online: Memahami Risiko dan Solusi Dalam beberapa tahun terakhir, dunia game online telah mengalami pertumbuhan eksponensial, sejalan dengan meningkatnya nilai aset game. Namun, lonjakan popularitas ini juga membawa segudang risiko yang mengancam para pemain dan operator. Dari upaya peretasan dan pencurian akun hingga transaksi yang tidak sah dan eksploitasi data, bahaya yang mengintai di dunia digital selalu ada. Mengingat tantangan-tantangan ini, sangat penting untuk menjelaskan pentingnya langkah-langkah perlindungan yang kuat dan solusi inovatif. Memahami Lanskap Aset game, yang terdiri dari mata uang virtual, item, dan akun, adalah sumber kehidupan ekonomi game online. Nilainya melampaui ranah virtual, bahkan sering kali melampaui transaksi di dunia nyata. Meskipun demikian, perlindungan konsumen tradisional yang diberikan oleh layanan perbankan dan pembayaran tidak ada di ranah game. Operator platform game sering kali mengadopsi pendekatan laissez-faire, membuat ...
Post a Comment
Read more
                                                                     ERRARE HUMANUM EST   The Inescapable Nature of Human Error and Its Implications in Cybersecurity To err is human; one could even say it is a defining characteristic of humanity. Who has never made a mistake, whether out of distraction, ignorance, or because it was provoked? No one is immune to making mistakes, and most of the time, they are forgivable, even if their consequences can be very damaging. However, the fundamental, unforgivable error is doing nothing to avoid situations that lead to mistakes. Thus, to minimize errors due to distraction, one should avoid multitasking (for example, a surgeon operating should not be distracted by a nurse recounting her latest adventures) and refrain from performing actio...
Post a Comment
Read more