As time passes, it seems that espionage cyber-attacks are getting more frequent every week. At least, that’s the general feeling if you follow infosec news.
Barely five and a half months have passed in 2016, and the total number of cyber-espionage-linked incidents is up to 300, says security firm SurfWatch Labs, which released statistics about the groups and attacks that managed to get the most media attention this year so far.
The company says that cyber-espionage operations have been mainly aimed at central government structures, which is no surprise, taking into account that previous cyber-attacks against government entities have gone, in the vast majority of cases, unsanctioned and unpunished.
Hacking groups didn’t only target government entities, though. Software companies were the second most attacked category overall, followed by Information Technology businesses, the consumer publishing sector, military and security forces, higher education institutions, and other media entities.
The most discussed cyber-espionage group, according to, is Group 27, a group linked to China that was very active at the start of the year.
Arbor Networks issued a report on the group’s operations, called, in which the company detailed Group 27’s malware arsenal, mainly composed of the Trochilus remote access trojan.
Other APT groups that managed to get the media and the public’s attention include Scarlet Mimic, Poseidon APT, Firas Dardar, and Operation Pawn Storm. If the names confuse you, then you’ll find more information in this, which contains alternative nicknames, along with links to various security reports.