Kaspersky Lab Unmasks the History of Cyber Espionage in the APAC region

Equipped with detailed histories of previous cyber espionage attacks against countries in the , exposed the current state of the cyber espionage threat landscape in the region.

Kaspersky Lab_Vitaly Kamluk

Kaspersky Lab’s cybersecurity researcher VitalyKamluk revealed that the global cybersecurity company has already published reports about cyber espionage campaigns waged against businesses and organizations in the APAC region sincethe 2010.

“While modern hackers are not keeping records of their attacks, cybersecurity researchers are thoroughly documenting their tracks to understand their techniques and predict their next moves. After the infamous Stuxnet worm in 2010, Kaspersky Lab experts have witnessed a significant number of high-profile cyber espionage attacks singling out countries in the Asia Pacific region,” says Kamluk, Kaspersky Lab’s Director of Global Research and Analysis Team (GReAT) in APAC.

During the first Kaspersky Lab APAC CyberSecurity Weekend in Malaysia in 2015, Kaspersky Lab researchers have predicted the evolution of targeted attacks and expansion of cyber sabotage incidents in the region. The next few months saw Kaspersky Lab monitoring a wave of cyberespionage attacks across APAC and the Far East regions, discovering cyber spies infecting all range of mobile devices and slowly targeting businesses and infrastructure.

“Cyberespionage, a subset of intelligence activities in cyberspace, is covert in nature. The new generation of spies are not doing physical James Bond-style operations anymore — they are regular software developers and system operators. Their achievements remain in the darkness until researchers like Kaspersky’s GReAT discover and document their activities. The attackers are not writing the history of cyberattacks, but researchers do. And it doesn’t come as easy as making documentaries or writing memoirs. The work of researchers require high concentration and solving of multiple difficult logical problems on the way, which is why these stories are so valuable,” explains Kamluk.

Its long-standing commitment to cybersecurity research is one of the reasons why Kaspersky Lab continues to link up with industry leaders to help develop cybersecurity solutions across sectors.

Kaspersky Lab’s current collaboration with the National University of Singapore (NUS) turns a new leaf in the cybersecurity company’s research efforts in Asia as the two entities endeavor to create a groundbreaking technology that will efficiently help malware analysts and security response teams understand malware used in cyber attacks and identify attackers as swiftly as possible.

Their research project titled, “Malware Source Attribution through Multi-Dimensional Code Feature Analysis” is an innovative and practical approach to speed up the research of cybersecurity professionals in tracing APT malware codes and tracking hackers. It is among nine cyber security research projects recently granted funding by the Singapore government because of its significance to create impact in Singapore and potential to be used in people’s lives.

In the quest to analyze attacks and follow the trail of hackers, today’s cybersecurity experts normally collect evidence only after an incident happens. These malware artefacts are then analyzed and placed in juxtaposition with the history of malware attacks to establish the possible origins of threats actors responsible for the attack.

The development of the Kaspersky Lab-NUS research project is expected to further aid in improving the investigation of and heightening the protection against complex cyber attacks in the future.

“Our detailed records of previously active and still active APTs and cyber espionage groups eyeing state secrets, corporate data, and even money from the Asian countries are clear evidences of the existence of cyberespionage campaigns in the region. As majority of APAC countries are in their infant stage of gearing up their defenses against more sophisticated online threats, we at Kaspersky Lab urge the public and private sectors to work together in fast tracking cybersecurity laws and measures that will guard their cyberspace. A cyber espionage is borderless. It is no longer a question of possibility, it is now a question of when and how worst an attack will be,” warns Kamluk.