FireEye, Inc. (NASDAQ: feye) and Singapore Telecommunications Limited (SingTel), November 19 published a new report on advanced cyber attacks against organizations in Southeast Asia. In the first half of the year, organizations observed in the region faces a risk 45 percent higher to cope with a cyber attack that targeted the world average. In the six months before they faced a risk only 7 percent more.
Across the region, 29 percent of observed organizations were targeted with advanced cyber attacks in the first half of 2015. Thailand and the Philippines were the hardest hit, with 40 percent and 39 percent of observed organizations exposed to these attacks, respectively.
Percentage of observed FireEye customers were affected by targeted malware from January to June 2015
More than a third of malware detections associated with advanced persistent threat (APT) groups originating in the entertainment industry, media and hospitality. By targeting media organizations, threat groups can access news before it is published and potentially identify anonymous sources.
FireEye observed at least 13 groups APT targeting national government agencies and at least four groups APT targeting regional or state governments in the world.
"Espionage is not new, but it is increasingly conducted online, and in Southeast Asia is a hot spot," said Eric Hoh, president for Asia Pacific Japan FireEye . "Geopolitics may lead cyber attacks. In South Asia becomes a more important economic player on the world stage and tensions flare in the South China Sea, organizations must prepare for targeted attacks."
William Woo, Managing Director, Enterprise Data and Managed Singtel said the report services, "said the frequency and sophistication of cyber attacks against all types of industries and businesses in the region. The risk attack, facing regional companies is higher than the global average. as a result, these companies must prioritize strengthening their cyber defenses. Although APT attacks can be detected in a shorter time than before, currently after 205 days, which still leaves wide open companies for malicious activities in their violated environment. "
Threat Intelligence is an important tool for organizations looking to stay ahead of the attackers. the report provides an overview of recent developments in the cyber threat landscape of Southeast Asia, such as institutions for focus groups to gather political and economic intelligence, detecting a campaign of cyber espionage known and technical actors of the threat of changing to evade detection.
compromised state bank
FireEye malware Marking observed from a state bank in Southeast Asia. FireEye Threat Intelligence believes the malware, called CANNONFODDER, is most likely to be used by Asian cyber threat groups to obtain political and economic intelligence. At the end of 2014, FireEye observed markup malware from an Asian telecommunications company. In mid-2014, the company has seen the actors of the threat of sending spear phishing emails with malicious attachments to employees of an Asian government.
cyber espionage campaign detected decade
In April 2015, FireEye published a report documenting an advanced persistent threat group called APT30, which conducted an operation 'cyber espionage against corporations, governments and journalists in Southeast Asia for 10 years. The malware that group, called Lecna made up 7 percent of all detections of FireEye customers in South Asia in the first half of 2015.
Source: FireEye Inc.