Tools developed by state secret services and threat actors related to government have been leaked to the black market. This has put advanced exploits at the disposal of criminal groups that would otherwise not have access to such sophisticated code. Consequently, Advanced Persistent Threats (APTs) are no longer only targeting mostly specific government institutions and critical infrastructure but also other commercial sectors. One example is the emergence of advanced targeted threat (APT) campaigns focused not on cyberespionage, but on theft - stealing money to finance other activities the APT group is involved in.
To protect against APT (group) attacks it is imperative to study the adversary and their techniques and tools used during attacks. Sophisticated Threat Intelligence will probe to identify the specific characteristics of an APT (group) and search for the intrusion techniques and customised tools developed for each target during each stage of an attack - infiltration, expansion and exfiltration.
However, only a handful of organisations truly have the research capacity and global reach to effectively predict and therefore prevent APT (group) attacks.
Kaspersky’s Global Research and Analysis Team (GReAT) has developed unrivalled expertise in the discovery and analysis of APT activity across the globe. They're tracking ongoing activity of 200+ threat actors, sophisticated malicious operations, cyberespionage campaigns and major malware, ransomware and underground cybercriminal trends in 85 countries, leveraging petabytes of Kaspersky statistical data and deep knowledge about malware behaviors acquired during 20 years of continuous, global threat research.
