TeamT5 is a leading brand in delivering Asia Pacific intelligence. In this article, we summarize the threat landscape of advanced persistent threats (APT) in the Asia-Pacific region in 2024. We not only provide annual observations but also point out the cyber threats worth paying attention to in 2024. This article is an excerpt that summarizes key statistics. To obtain the complete threat intelligence report, fill out the form at the bottom to receive the “APT Threat Landscape in APAC 2024: Blurred Lines of Cyber Attacks” report. To discover similar cyber threat intelligence focused on the Asia-Pacific region, please sign up for a trial of our award-winning threat intelligence platform ThreatVision. Please indicate on the ThreatVision page that you would like to apply for a trial.
Threat Statistics in 2024: Data & Observations
In 2024, through the end of November, TeamT5 actively tracked 30 new vulnerabilities being exploited in the wild, along with around 500 attack operations across 42 countries, which we attributed to 73 known adversaries using more than 200 malware families and hacking tools.
We also identified 45 compromised victims in 9 countries and tried to notify them through our trustworthy partners, and we assisted with 33 IR cases for our customers. As you can imagine, all of the above data contributes to our intelligence reports. Generally speaking, most of these figures show an increasing trend.
TeamT5 is actively tracking vulnerability exploitation attacks in the wild. In 2024, TeamT5 tracked 30 widespread attacks, and around 400 victim hosts across 21 countries were identified as compromised.
We would like to highlight that 5 of them are related to email systems and 14 exploit edge devices, indicating that these are high-priority entry points for threat actors seeking access to their targets. Our research also shows EtherBei (aka Flax Typhoon) to be the most active threat actor adopting these exploits.
During the course of our research, we also discovered that some threat actors built their own botnets, or so-called Operational Relay Box networks, by implanting malware such as GobRAT, NatWalk and GenSeven.
Lastly, there is also a trend of more management services for edge devices being exploited, such as FortiManager, Versa Director or Palo Alto Firewall, meaning that threat actors might compromise multiple entities by intruding on one device. We believe this is a threat that management service providers and big enterprises should be aware of.