Kaspersky researchers detected a trend of APT groups diversifying their toolsets in the third quarter of 2020, representing a larger increase in attack sophistication between Q2 and Q3 than in other years. APTs typically rely on traditional tactics and procedures that have worked for years; however, groups appear to have been more innovative over the past few months.
One attack last quarter saw a threat actor modify platform-level firmware to inject persistent and sophisticated malware onto an organization’s network, highlighting the adaptive nature of APT groups this quarter. Kaspersky described the recent activity as “curious,” stating that at least two organizations were infected with the malicious firmware implant. Even as these APT threat actors rely on old tactics when possible, it is likely that shifting political and cybersecurity climates have pushed them to up the ante in carrying out successful cyberattacks.
Read More: APT Groups Get Innovative and More Dangerous in Q3