The Middle East and Asia have become the new hunting ground for malicious APT activity, with hackers using new techniques to target organisations according to new research. It was revealed that there had been a surge in the activities of Chinese-speaking hackers targeting government entities mainly in Taiwan and Malaysia, and CardinalLizard, which in 2018 increased its interest in Malaysia alongside an existing focus on the Philippines, Russia, and Mongolia. Chris Doman, Security Researcher at AlienVault commented below.
Chris Doman, Security Researcher at AlienVault:
“Asia is certainly a heavily targeted region, but this has been the case for a number of years. It may be that as targeted activity in the West drops off somewhat, by contrast Asian activity seems higher.
By AlienVault’s metrics, we’ve seen North Korean attackers as the most reported on this year in terms of individual campaigns that have been analysed.
We’ve seen both North Korean and some Chinese groups move from primarily espionage based attacks to additionally executing financially motivated attacks, such as crypto-currency mining.
It’s difficult to imagine hackers from North Korea not being directed in some form by the state, even though many now operate outside of the country itself.
In the case of Chinese attackers, it may be that they are trying to supplement income that they used to receive from the state but no longer do.
It’s interesting seeing an uptick in activity from China on Asia. That seems to have been a continuing trend over the past couple of years, as targeting of the West by Chinese hackers has decreased and they have looked to move onto other targets.”