Asia Emerges as a Major Source of APT Groups Expanding Global Cyberattack Campaigns

185/68 Thursday, May 22, 2025

A recent cyber threat activity report by ESET reveals a significant rise in Advanced Persistent Threat (APT) operations originating from Asia, particularly those linked to China and North Korea. These APT groups accounted for over 55% of all documented cyberattacks between Q4 2024 and Q1 2025. While Europe remains the primary target, there has been a notable increase in attacks across Southeast Asia, especially targeting government agencies and educational institutions.

Countries like India, Taiwan, and the Philippines are actively working to strengthen their cyber defense capabilities in response to the growing threat landscape.

Robert Lipovsky, Senior Malware Researcher at ESET, stated that China’s expanding cyber operations align closely with its Belt and Road Initiative, with a particular focus on the maritime sector. This highlights the use of cyber operations as a geopolitical tool. Chinese APT groups have also evolved their attack techniques, increasingly leveraging zero-day vulnerabilities and Living-off-the-Land (LotL) tactics to evade detection—contrasting with Russia-backed groups, which continue to rely heavily on spear-phishing campaigns.

Meanwhile, DeceptiveDevelopment, a North Korea-linked group, has adopted new tactics, such as fake job recruitment lures that deliver malware to individuals working in the cryptocurrency sector across Europe. Researchers from Trend Micro note that many countries in the Asia-Pacific region are enhancing their cyber capabilities in response to rising geopolitical tensions.

While Chinese APT groups have begun shifting their focus toward the U.S. and Europe, their activities in Asia have not ceased. Analysts predict that offensive cyber operations from Asia will continue to rise in the near future, both in scale and sophistication.

Source: https://www.darkreading.com/cyber-risk/asia-apt-actors-focus-expands-globally