14 DAY TRIAL // Security solutions provider FireEye has released a study called “The Advanced Cyber Attack Landscape.” The report, based on over 12 million malware communications, provides some insight into the sophisticated attacks launched by cybercriminals.
The study shows that 184 countries house command and control (C&C) servers and communication hubs used by cybercriminals. This represents a 41% increase compared to 2010, when only 130 countries were found to be hosting crimeware servers.
Most of these servers are located in Asian and Eastern European countries such as Russia, Poland, Ukraine, Romania, Kazakhstan, China, South Korea, India, Japan, and Hong Kong. The Asian countries account for 24% of the global number, while the European countries represent 22%.
And, since there can’t be a report in which China is not mentioned, FireEye has found that 89% of advanced persistent threats are associated with tools created and distributed by Chinese groups. The main tool named in the report is the notorious Gh0stRAT.
When it comes to the targets of advanced persistent threats, tech companies top the chart. Such organizations are often targeted for sabotage, the theft of intellectual property, and even to make modifications to source code in an effort to support other criminal activities.
“The threat landscape has evolved, as cyber threats have outpaced traditional signature-based security defenses, such as anti-virus, and permeated around the world, enabling cybercriminals to easily evade detection and establish connections inside the perimeter of major organizations,” noted FireEye CEO David DeWalt.
“The FireEye research puts in proper perspective the global pandemic of this new breed of advanced cyber attacks,” DeWalt added.
“The Advanced Cyber Attack Landscape” is available for download here (registration required). The interactive maps released along with this report can be found here.