Contents

Introduction

Advanced Threats
  2023 Global Advanced Threat Overview
  Newly Disclosed APT Groups
    1. First discovered and named by Hunting Shadow Lab (猎影实验室)
    2. Disclosed by other security vendors
  Advanced Threats by Geopolitical Region
    1. North America
    2. Eastern Europe
    3. South Asia
    4. East Asia
    5. Southeast Asia
    6. Middle East
    7. Other regions
  Characteristics of Advanced Threat Activity in 2023
    1. Rise of attack campaigns aimed at destruction
    2. Mail servers become targets of initial attacks
    3. Increase in supply-chain attacks targeting developers
    4. Attacks on the cryptocurrency industry intensify
    5. Use of non-mainstream programming languages to evade detection
    6. Widespread use of commercial services and legitimate software APIs
  Advanced Threat Activity Predictions for 2024
    1. More AI-assisted social engineering attacks
    2. More geopolitically driven cyber espionage
    3. Rise of attacks targeting mobile and wearable devices
    4. Supply-chain attacks continue to increase
    5. Cloud infrastructure becomes a new battleground

© 安恒云沙箱 https://sandbox.dbappsecurity.com.cn
© 安恒星图平台 https://starmap.dbappsecurity.com.cn

Cybercrime
  2023 Overview of Cybercrime Groups
    1. Cybercrime groups hit by crackdowns
    2. Newly emerged cybercrime groups
    3. Black- and gray-market groups targeting China
  Hacktivist Operations in Geopolitical Conflicts
    1. Russia-Ukraine conflict
    2. Israeli-Palestinian conflict
  Ransomware Groups
    1. Newly emerged ransomware groups
    2. Persistently active ransomware groups
    3. Hacker-for-hire groups