Philippines tops ASEAN list of countries exposed to Advanced Persistent Threat activity
PHILIPPINES – Aug. 14, 2014 — FireEye, Inc., the leader in stopping today’s advanced cyber attacks, today announced the release of its Advanced Threat Report for the Asia Pacific region. Detailing malicious activities captured by the FireEye Security Platform throughout the first six months of 2014, the report finds the region is more frequently attacked by various advanced persistent threat (APT) actors than the global average. Additionally, Philippines was the most exposed ASEAN country to advanced persistent threat activity, with significant peaks in the first six months of this year.
Drawing on data gathered from unique cyber and malware command and control (CnC) communications, the Advanced Threat Report provides a look into cyber attacks that routinely bypass traditional defenses such as firewalls, next-generation firewalls, IPS, anti-virus, and security gateways. Some of the key findings from the Regional Advanced Threat Report for the Asian Pacific region based on the data gathered by FireEye include:
The following verticals were the top five most targeted by APT attacks in 2013:
- Services/Consulting/VAR – 19.8 percent
- Government – 13.5 percent
- High-tech – 13 percent
- Entertainment / Media / Hospitality – 10.2 percent
- Telecom – 9.2 percent
- In ASEAN, Philippines ranked highest on list of APT activity, seeing more advance threat activity than Singapore, Thailand and Malaysia.
- Malware families Hussarini and Page were particularly active in Philippines.
Southeast Asia / ASEAN
- Within ASEAN, both Singapore and Thailand were below the regional average at 41 percent and 39 percent respectively, with other key countries like Indonesia and Malaysia seeing less exposure to advanced threats. However, this is still above the global average of 36 percent.
- Governments in Southeast Asia are a major target of a variety of APT malware.
- Mirage has been known to be used for specific purposes in Asia, often employing legitimate decoy documents that are related to regional events such as ASEAN summits, Asia-Pacific Economic Cooperation (APEC) summits, energy exploration, or military affairs.
- Malware in other APT attacks has been seen contacting C2 servers located in Germany, Canada, Singapore and Romania.
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,500 customers across 65 countries, including over 150 of the Fortune 500.