SOC, TI and IR posts

External attack surface and ongoing cybercriminal activity in APAC region

To prevent a cyberattack, it is vital to know what the attack surface for your organization is. To be prepared to repel the attacks of cybercriminals, businesses around the world collect threat intelligence themselves or subscribe for threat intelligence services.

Continuous threat research enables Kaspersky to discover, infiltrate and monitor resources frequented by adversaries and cybercriminals worldwide. Kaspersky Digital Footprint Intelligence leverages this access to proactively detect threats targeted at organizations worldwide, their assets or brands, and alert our customers to them.

In our public reports, we provide overview of threats for different industries and regions based on the anonymized data collected by Kaspersky Digital Footprint Intelligence. Last time, we shared insights on the external attack surface for businesses and government organizations in the Middle East. This report focuses on Asia Pacific, Australia and China. We analyzed data on external threats and criminal activities affecting more than 4,700 organizations in 15 countries and territories across this region.

Main findings

  • Kaspersky Digital Footprint Intelligence found 103,058 exposed network services with unpatched software. Government institutions’ network resources were the most affected by known vulnerabilities.
  • More than one in ten encountered vulnerabilities in the external perimeters of organizations were ProxyLogon. In Japan, this vulnerability was found in 43% of all unpatched services.
  • 16,003 remote access and management services were available for attackers. Government institutions were the most affected ones.
  • On the Darknet, hackers prefer to buy and sell accesses to organizations from Australia, mainland China, India and Japan.
  • Australia, mainland China, India and Singapore comprise 84% of all data leak sell orders placed on Darknet forums.

You can find more information about the external attack surface for organizations in APAC region, as well as data sold and searched for in the dark web, in the full version of our report. Fill in the form to download it.

If you do not see the form above this sentence, please, add this page to exceptions in your browser privacy settings and/or your ad blocker.

External attack surface and ongoing cybercriminal activity in APAC region

Your email address will not be published. Required fields are marked *

 

Reports

Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Subscribe to our weekly e-mails

The hottest research right in your inbox