The Show Must Go On for State-Sponsored APT Groups

Key insights

• Asia Pacific is the most targeted region by state-sponsored threat actors with 34 campaigns being spotted in this region. The most active APT groups were from China, North Korea, Iran, and Pakistan.
• Pro-government attackers from Iran, Pakistan, Turkey, China, and Gaza carried out 18 campaigns in the Middle East and Africa. In all, more than 500 successful ransomware attacks in more than 45 countries were reported.
• Most state-sponsored threat actors originate from China (23 APT groups), Iran (8), North Korea (4), Russia (4), India (3), and Pakistan and Gaza (2 each). South Korea, Turkey, and Vietnam reportedly have only one APT group each. 

Attack vectors

• Threat actors have set new records by launching 2.3 Tb per second and 809 million packets per second DDoS attacks. 
• The BGP hijacking and route leaks are still a serious problem, and threat actors are frequently exploiting these methods as well.

Additional information

• The nuclear industry is becoming a hot target for state-sponsored attackers. Recently, nuclear energy facilities in Iran and India were targeted by state-sponsored threat actors. 
• Recently, at least 11 groups affiliated with intelligence services were seen targeting the telecommunications sector. The main objective of threat actors is spying on telecommunications operators or disabling infrastructure.

Conclusion