“On the other hand, several China-aligned threat actors exploited vulnerabilities in public-facing appliances, such as VPNs and firewalls, and software, such as Confluence and Microsoft Exchange Server, for initial access to targets in multiple verticals,” the researchers wrote. “North Korea-aligned groups continued to target aerospace and defense companies and the cryptocurrency industry.”
Russia-aligned APT groups topped the list of attack sources, according to ESET, at 33% of attacks tracked. China-aligned threat actors comprised 25% of attack sources, with APT groups aligned with Iran (14%), North Korea (13%), and other Middle East countries (7%) rounding out the top five.
Government entities were the top targets across Europe, Asia, Middle East, and the Americas. Other notable verticals under increased pressure have been energy and defense firms in Europe, engineering and manufacturing firms in Asia and the Middle East, and education, healthcare, and retail companies in the Americas.